Info collector

down.mykings.pw:8888 (2017/03/06_21:09)

By on March 6, 2017 in Malware Domains

Host: down.mykings.pw:8888/ver.txt, IP address: 60.250.76.52, ASN: 3462, Country: TW, Description: related to a Mirai windows spreader trojan

down.mykings.pw:8888 (2017/03/06_21:09)

By on March 6, 2017 in Malware Domains

Host: down.mykings.pw:8888/ups.rar, IP address: 60.250.76.52, ASN: 3462, Country: TW, Description: related to a Mirai windows spreader trojan

OpenSSL Releases Security Update

By on February 20, 2017 in Recent Vulnerabilities

Original release date: February 16, 2017. OpenSSL version 1.1.0e has been released to address a vulnerability for users of version 1.1.0. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary update. This product is provided […]

Malware spam: “RBC – Secure Message” / service@rbc-secure-message.com

By on February 15, 2017 in Latest SPAM

This fake banking email leads to some sort of malware: From:    RBC – Royal Bank [service@rbc-secure-message.com] Date:    15 February 2017 at 17:50 Subject:    RBC – Secure Message Signed by:    rbc-secure-message.com Secure Message This is an automated message send by Royal Bank Secure Messaging Server. To ensure both you and the RBC

Highly personalised malspam making extensive use of hijacked domains

By on February 15, 2017 in Latest SPAM

This spam email contained not only the intended victim’s name, but also their home address and an apparently valid mobile telephone number: Sent: 14 February 2017 13:52 To: [redacted] From: Subject: Mr [Redacted] Your order G29804772-064 confirmation Dear Mr [redacted], Thank you for placing an order with us. For your

fo5.a1-downloader.org (2017/02/09_14:04)

By on February 9, 2017 in Malware Domains

Host: fo5.a1-downloader.org/g2v9s1.php?id=yourname@yourdomain.com, IP address: 188.225.32.177, ASN: 9123, Country: RU, Description: trojan download

aadroid.net (2017/02/09_14:04)

By on February 9, 2017 in Malware Domains

Host: aadroid.net/sys.olk, IP address: 107.180.51.15, ASN: 26496, Country: US, Description: ransomware

www.lifelabs.vn (2017/01/25_20:15)

By on January 25, 2017 in Malware Domains

Host: www.lifelabs.vn/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t, IP address: 118.69.196.199, ASN: 18403, Country: VN, Description: Trojan.Backdoor, Office.Word.Downloader

falconsafe.com.sg (2017/01/25_20:16)

By on January 25, 2017 in Malware Domains

Host: falconsafe.com.sg/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t, IP address: 43.229.84.107, ASN: 38532, Country: SG, Description: Trojan.Backdoor, Office.Word.Downloader

WARNING: pmacademyusa.org / “Project Management Academy USA”

By on January 23, 2017 in Latest SPAM

For the past six years I have been following the exploits of Patchree “Patty” Patchrint and Anthony Christopher Jones who claim to run a series of seminars on project management and grant writing. Umm.. and failed restaurants in Los Angeles. I’m not going to repeat all of the information in this post, I advise you […]

All of these posts originated on blog.dynamoo.com, us-cert.gov and malwaredomainlist.com and are automatically reposted on colors.cbnetsecurity.com.