Info collector

Scam: “Help Your Child To Be A Professional Footballer.” / info@champ-footballacademyagency.co.uk

By on October 8, 2017 in Latest SPAM

This spam email is a scam: Subject:       Help Your Child To Be A Professional Footballer.From:       “FC Academy” [csa@sargas-tm.eu]Date:       Sun, October 8, 2017 10:30 amTo:       “Recipients” [fcsa@sargas-tm.eu]Priority:       NormalHello,Does your child desire to become a professional footballer?Our football academy are currently scouting for young football player to participate in 3-6

Continue Reading »

Malware spam: “Emailing: Scan0xxx” from “Sales” delivers Locky or Trickbot

By on September 28, 2017 in Latest SPAM

This fake document scan delivers different malware depending on the victim’s location: Subject:       Emailing: Scan0963 From:       “Sales” [sales@victimdomain.tld] Date:       Thu, September 28, 2017 10:31 am Your message is ready to be sent with the following file or link attachments: Scan0963 Note: To protect against computer viruses, e-mail programs may prevent sending or […]

Continue Reading »

izeselet.hu (2017/09/28_08:11)

By on September 28, 2017 in Malware Domains

Host: izeselet.hu/wp-content/uploads/2016/03/ch.js, IP address: 87.229.63.171, ASN: 62292, Country: HU, Description: coin mining

Continue Reading »

Malware spam: “AutoPosted PI Notifier”

By on September 26, 2017 in Latest SPAM

This spam has a .7z file leading to Locky ransomware. From:      “AutoPosted PI Notifier” [NoReplyMailbox@redacted.tld] Subject:      Invoice PIS9344608 Date:      Tue, September 26, 2017 5:29 pm Please find Invoice PIS9344608 attached. The number referenced in the spam varies, but attached is a .7z archive file with a matching filename. In turn, this contains […]

Continue Reading »

Malware spam: “Invoice RE-2017-09-21-00xxx” from “Amazon Marketplace”

By on September 21, 2017 in Latest SPAM

This fake Amazon spam comes with a malicious attachment: Subject:       Invoice RE-2017-09-21-00794 From:       “Amazon Marketplace” [yAhbPDAoufvZE@marketplace.amazon.co.uk] Date:       Thu, September 21, 2017 9:21 am Priority:       Normal ————- Begin message ————- Dear customer, We want to use this opportunity to first say “Thank you very much for your purchase!”

Continue Reading »

Malware spam: “Status of invoice” with .7z attachment

By on September 18, 2017 in Latest SPAM

This spam leads to Locky ransomware: Subject:       Status of invoiceFrom:       “Rosella Setter” ordering@[redacted]Date:       Mon, September 18, 2017 9:30 amHello,Could you please let me know the status of the attached invoice? Iappreciate your help!Best regards,Rosella SetterTel: 206-575-8068 x 100 Fax: 206-575-8094*NEW*   Ordering@[redacted].com* Kindly note we will be closed Monday in

Continue Reading »

QTUM Cryptocurrency spam

By on September 6, 2017 in Latest SPAM

This spam email appears to be sent by the Necurs botnet, advertising a new Bitcoin-like cryptocurrency called QTUM. Necurs is often used to pump malware, pharma and data spam and sometimes stock pump and dump. There is no guarantee that this is actually being sent by the people running QTUM, it could simply be a […]

Continue Reading »

Malware spam: “Scanning” pretending to be from tayloredgroup.co.uk

By on September 5, 2017 in Latest SPAM

This spam email pretends to be from tayloredgroup.co.uk but it is just a simple forgery leading to Locky ransomware. There is both a malicious attachment and link in the body text. The name of the sender varies. Subject:       ScanningFrom:       “Jeanette Randels” [Jeanette.Randels@tayloredgroup.co.uk]Date:       Thu, May 18, 2017 8:26 pmhttps://dropbox.com/file/9A30AA– Jeanette Randels

Continue Reading »

FCC Promotes Best Practices for SS7 Communications

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 24, 2017 The Federal Communications Commission (FCC) has released a public notice encouraging communications service providers to voluntarily use security best practices recommended by the Communications Security, Reliability, and Interoperability Council (CSRIC), a federal advisory committee to the FCC. These best practices help prevent exploitation of Signaling System 7 (SS7) network […]

Continue Reading »

DNSSEC Key Signing Key Rollover

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 21, 2017 On October 11, 2017, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the domain name system (DNS) Security Extensions (DNSSEC) protocol.  DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which […]

Continue Reading »

Top
All of these posts originated on blog.dynamoo.com, us-cert.gov and malwaredomainlist.com and are automatically reposted on colors.cbnetsecurity.com.X