Info collector

Malware spam: “Sprawdź stan przesylki DHL”

By on April 11, 2017 in Latest SPAM

This spam targeting Polish victims seems quite widespread. It leads to malware. The email is personalised with the victim’s real name which has been harvested from somewhere. From: DHL Express (Poland) [mailto:biuro@nawigatorxxi.pl] Sent: Monday, April 10, 2017 7:09 PM To: [redacted] Subject: Sprawdź stan przesylki DHL Sprawdź stan przesylki DHL Szanowny Kliencie, [redacted] Informujemy,

Continue Reading »

borezo.info – spam selling anti-spam services

By on April 3, 2017 in Latest SPAM

If you are in the business of selling spam filtering.. it is probably not a good idea to do it by sending out spam.. From:    Camille Arpaillange [contact@borezo.info]To:    contact@[redacted]Date:    3 April 2017 at 15:55Subject:    [redacted] – Protect emails received on your domain nameSigned by:    sg.borezo.infoDiscover our SaaS solutionAnti-Virus, Anti-Spam and Anti-Phishing SMTP

Continue Reading »

25.0.0.0/8 is not your private network

By on April 3, 2017 in Latest SPAM

A recent phishing email originating from an Office 365 caused some confusion.. apparently originating fom an address in the 25.0.0.0.8 range which according to a WHOIS lookup is the UK’s Ministry of Defence. % Abuse contact for ‘25.0.0.0 – 25.255.255.255’ is ‘hostmaster@mod.uk’inetnum:        25.0.0.0 – 25.255.255.255netname:        UK-MOD-19850128country:        GBorg:           

Continue Reading »

Internet Information Services (IIS) 6.0 Vulnerability

By on April 3, 2017 in Recent Vulnerabilities

Original release date: March 30, 2017 US-CERT is aware of active exploitation of a vulnerability in Windows Server 2003 Operating System Internet Information Services (IIS) 6.0. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.  On June 15, 2015, Microsoft ended support for Windows Server 2003 Operating System, which […]

Continue Reading »

Google Releases Security Updates for Chrome

By on April 3, 2017 in Recent Vulnerabilities

Original release date: March 30, 2017 Google has released Chrome version 57.0.2987.133 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the necessary updates. This product is provided […]

Continue Reading »

Leaked documents reveal post-Brexit switch to pre-decimal currency

By on March 31, 2017 in Latest SPAM

So with the UK leaving the EU thing kicking off into full swing a lot of interesting stories have been lost in the noise. As expected not only have hard Brexiteers managed to sneak in proposals that we ditch the metric system, it now also seems that they want to ditch decimal currency too. Madness? […]

Continue Reading »

Malware spam: “Re:Payment Remittance Copy”

By on March 30, 2017 in Latest SPAM

This fake financial spam leads to malware. From:    AL HUDA LTD [ap.office@triumftools.sk]Date:    30 March 2017 at 09:05Subject:    Re:Payment Remittance CopySigned by:    triumftools.sk Dear Sir, As instructed by your customer for your payment, Find attached formal remittance copy received from our bank and contact your  client for payment confirmation. All payment details is

Continue Reading »

Apple Releases Security Update for iTunes

By on March 26, 2017 in Recent Vulnerabilities

Original release date: March 24, 2017 Apple has released a security update for Apple iTunes to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review information on iTunes 12.6 and apply the necessary update. This product is provided […]

Continue Reading »

Aviation Phishing Scams

By on March 26, 2017 in Recent Vulnerabilities

Original release date: March 23, 2017 US-CERT has received reports of email-based phishing campaigns targeting airline consumers. Systems infected through phishing campaigns act as an entry point for attackers to gain access to sensitive business or personal information. US-CERT encourages users and administrators to review an airline Security Advisory and US-CERT’s Security Tip ST04-014 for […]

Continue Reading »

More highly personalised malspam using hijacked domains

By on March 20, 2017 in Latest SPAM

Following on from this spam some weeks ago, another one comes in using a broadly similar technique of including the potential victim’s real home address while using apparently hijacked infrastructure (although in this case the hijacking isn’t so elaborate). From: customerservice@newshocks.com [mailto:customerservice@newshocks.com] Sent: 15 March 2017 18:23Subject: [Redacted] Your order 003009

Continue Reading »

Top
All of these posts originated on blog.dynamoo.com, us-cert.gov and malwaredomainlist.com and are automatically reposted on colors.cbnetsecurity.com.X