What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-11-08 12:22:58 | Clever WebEx Spam Use Cisco Redirect to Deliver RAT Malware (lien direct) | A clever spam campaign is underway that pretends to be a WebEx meeting invite and uses a Cisco open redirect that pushes a Remote Access Trojan to the recipient. Using open redirects add legitimacy to spam URLs and increases the chances that victims will click on an URL. [...] | Spam Malware | ||
 |
2019-11-07 08:02:48 | Malware modulaire Emotet – Rapport NETSCOUT (lien direct) | NETSCOUT vient de publier les résultats d'une récente analyse menée sur le cheval de Troie bancaire transformé en téléchargeur, Emotet, qui continue de dominer la scène malgré un récent silence radio. Emotet est un logiciel malveillant modulaire, signalé pour la première fois en 2014 comme un cheval de Troie bancaire, qui a rapidement évolué vers sa forme modulaire actuelle, capable de tout supporter, du spam au vol d'emails. En mai 2019, l'activité d'Emotet a commencé à décliner, une pause qui a duré (...) - Malwares | Spam Malware | ||
 |
2019-11-03 01:31:13 | Firefox to hide notification popups by default starting next year (lien direct) | In a move to fight spam and improve the health of the web, Mozilla will hide notification popups -- a feature nobody asked for. | Spam | ||
 |
2019-11-01 09:44:45 | (Déjà vu) Malware Scare with Halloween Emails (lien direct) | The Emotet Trojan is celebrating Halloween by pushing out new spam templates that want to invite you to a neighborhood party. While these emails promise you a treat, in reality Emotet is tricking you into installing an infection. For those not familiar with Emotet, it is a malware infection that is spread through spam emails containing […] | Spam Malware | ||
|
2019-10-31 17:55:58 | Emotet Trojan Brings a Malware Scare with Halloween Emails (lien direct) | The Emotet Trojan is celebrating Halloween by pushing out new spam templates that want to invite you to a neighborhood party. While these emails promise you a treat, in reality Emotet is tricking you into installing an infection. [...] | Spam Malware | ||
|
2019-10-30 09:53:01 | (Déjà vu) New Email Campaign Attacks Italy in Maze Ransomware (lien direct) | The Maze Ransomware is conducting a new spam campaign that targets Italian users by pretending to be the country’s Tax and Revenue Agency. The Maze Ransomware is not a new infection, but within the past month it has been picking up steam with new campaigns, partnering with exploit kits, and inserting playful comments targeting researchers in their […] | Ransomware Spam | ||
|
2019-10-29 16:38:02 | Maze Ransomware Attacks Italy in New Email Campaign (lien direct) | The Maze Ransomware is conducting a new spam campaign that targets Italian users by pretending to be the country's Tax and Revenue Agency. [...] | Ransomware Spam | ||
 |
2019-10-25 14:02:47 | AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam (lien direct) |  By Miguel Carlo Ang and Earle Maui Earnshaw We recently saw a malicious spam campaign that has AutoIT-compiled payloads – the trojan spy Negasteal or Agent Tesla (detected by Trend Micro as TrojanSpy.Win32.NEGASTEAL.DOCGC), and remote access trojan (RAT) Ave Maria or Warzone (TrojanSpy.Win32.AVEMARIA.T) – in our honeypots. The upgrading of payloads from a typical trojan...
|
Spam | ||
|
2019-10-21 12:34:38 | Office 365 Now Warns About Suspicious Emails with Unverified Senders (lien direct) | Microsoft is currently rolling out a new Office 365 feature dubbed 'Unverified Sender' and designed to help users identify potential spam or phishing emails that reach their Outlook client's inbox. [...] | Spam | ||
|
2019-10-16 12:49:30 | MailGuard Discovers New Phishing Campaign Targeting Telstra Customers (lien direct) | Another day, another phishing campaign. MailGuard, the email spam and virus filter, has identified a new fraudulent email campaign that has been targeting inboxes across Australia. The scam email is designed to look like a notification from Telstra, with the subject: “$500 Citibank prepaid gift card reward.” Once opened, the message displays the telecommunications giant's […] | Spam | ||
 |
2019-10-11 17:10:00 | Click2Mail Suffers Data Breach (lien direct) | Mail provider discovered customer data being used in spam messages. | Data Breach Spam | ||
 |
2019-10-10 13:00:23 | September 2019\'s Most Wanted Malware: Emotet Botnet Starts Spreading Spam Campaigns Again After Three-Month Silence (lien direct) | In September, the Emotet Botnet resumed activity again after a three-month break. We first reported the notorious botnet taking a break in June 2019, and that the offensive infrastructure had become active again in August. Some of the Emotet spam campaigns featured emails which contained a link to download a malicious Word file, and some… | Spam | ||
|
2019-10-09 09:15:58 | (Déjà vu) 269% increase in attacks to Business Emails (lien direct) | A new Mimecast report finds a significant uptick in BEC attacks, malware attachments, and spam landing in target inboxes. Business email compromise (BEC) ramped up 269% from last quarter to this quarter, according to Mimecast’s latest Email Security Risk Assessment (ESRA). This quarter showed a massive spike in emails containing dangerous file types, malware attachments, […] | Spam Malware | ||
|
2019-10-08 12:30:00 | Business Email Compromise Attacks Spike 269% (lien direct) | A new Mimecast report finds a significant uptick in BEC attacks, malware attachments, and spam landing in target inboxes. | Spam Malware | ||
 |
2019-10-03 12:22:02 | Ukrainian police dismantled a bot farm involved in multiple spam campaigns (lien direct) | The Ukrainian police dismantled a bot farm involved in spam campaigns carried out through various services, including email and social networks. Cybercrime is a prolific business, criminal organizations continues to make profits with illegal activities in the cyberspace, but police are ready to contrast them. Cyber experts at the Ukrainian police dismantled a bot farm […] | Spam | ||
|
2019-10-03 09:04:22 | (Déjà vu) Bot Farm seized by Police who are potentially behind fatal scam messages (lien direct) | The cyber division of the Ukrainian police took to pieces an operation that made money by registering accounts used to send spam through various services, including email and social networks. The bot farm allowed its cybercriminal customers to buy large numbers of active accounts for multiple online services. These were then used to deliver unsolicited […] | Spam | ||
|
2019-10-03 04:15:38 | Police Seize Bot Farm Behind Potentially Fatal Scam Messages (lien direct) | The cyber division of the Ukrainian police took to pieces an operation that made money by registering accounts used to send spam through various services, including email and social networks. [...] | Spam | ||
|
2019-10-03 02:05:31 | FTCode PowerShell Ransomware Resurfaces in Spam Campaign (lien direct) | An old PowerShell ransomware has resurfaced with a vengeance in a spam distribution aimed at Italian recipients. This ransomware is called FTCode and is completely PowerShell based, which means it can encrypt the computer without downloading any additional components. [...] | Ransomware Spam | ||
|
2019-09-29 20:23:58 | Phishers continue to abuse Adobe and Google Open Redirects (lien direct) | Adobe and Google Open Redirects Abused by Phishing Campaigns Experts reported that phishing campaigns are leveraging Google and Adobe open redirects to bypass spam filters and redirect users to malicious sites. Phishers are abusing Google and Adobe open redirects to bypass spam filters and redirect users to malicious sites. Crooks abuse Google and Adobe services […] | Spam | ||
|
2019-09-28 07:00:04 | Most malspam contains a malicious URL these days, not file attachments (lien direct) | Proofpoint: 85% of all malicious email spam sent in Q2 2019 contained a link to download a malicious file. | Spam | ||
|
2019-09-27 09:54:04 | (Déjà vu) Ransomware targets REvil Chinese Users with DHL Spam (lien direct) | A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. This spam campaign was discovered by security researcher onion and pretends to be an email from DHL stating that the delivery of a package has been delayed due to an incorrect customs declaration. It then proceeds to […] | Ransomware Spam | ||
|
2019-09-27 06:05:31 | Adobe and Google Open Redirects Abused by Phishing Campaigns (lien direct) | Google and Adobe open redirects are being used by phishing campaigns in order to add legitimacy to the URLs used in the spam emails. [...] | Spam | ||
 |
2019-09-26 15:03:06 | \'Chameleon\' Spam Campaign Employs Randomized Email Headers (lien direct) | A large number of spam messages recently sent from the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing, Trustwave reports. | Spam | ||
|
2019-09-26 12:39:33 | REvil (Sodinokibi) Ransomware Targets Chinese Users with DHL Spam (lien direct) | A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. [...] | Ransomware Spam | ||
 |
2019-09-25 14:33:24 | (Déjà vu) Comments: Beware – Edward Snowden\'s (lien direct) | It has been reported the infamous Emotet malware has started a new spam campaign that pretends to be a scanned copy of Edward Snowden’s new book. Unsuspecting users who open the attachment and enable its content will find that they have become infected with Emotet, most likely Trickbot, and possibly other malware. After approximately four months … The ISBuzz Post: This Post Comments: Beware – Edward Snowden’s | Spam | ||
|
2019-09-24 03:30:00 | Emotet Tries to Infect You By Claiming It\'s Snowden\'s Book (lien direct) | Emotet has started a new spam campaign that pretends to be a scanned copy of Edward Snowden's new book. Unsuspecting users who open the attachment and enable its content will find that they have become infected with Emotet, most likely Trickbot, and possibly other malware. [...] | Spam | ||
 |
2019-09-23 18:40:44 | Emotet malspam campaign uses Snowden\'s new book as lure (lien direct) | Spam | |||
 |
2019-09-20 07:57:15 | Emotet reprend du service : ce trojan bancaire devenu malware à tout faire (lien direct) | Nouveau pic d'activité pour Emotet. Cinq ans après sa découverte, il est devenu une plate-forme de diffusion de spam et de malware. | Spam Malware | ||
 |
2019-09-18 06:05:13 | Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month (lien direct) | Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam-they mine cryptocurrencies as well.
Smominru, an infamous cryptocurrency-mining and credential-stealing botnet, has become one of the rapidly spreading |
Spam | ||
 |
2019-09-17 11:16:38 | Emotet Botnet Returns After Four-Month Hiatus With New Spam Campaign (lien direct) | The actors responsible for the Emotet botnet returned after a four-month period of inactivity with a new malspam campaign. On 16 September, SpamHaus security researcher Raashid Bhat spotted a spate of new spam emails written in Polish or German that contained malicious attachments or links to malware downloads. Emotet is fully back in action and […]… Read More | Spam Malware | ||
|
2019-09-16 17:04:53 | Emotet is back: botnet springs back to life with new spam campaign (lien direct) |
After months of laying dormant, the notorious Emotet is back, with its botnet spewing spam globally.
Categories:
Botnets
Tags: botnetbotnetsdownloaderemotetinformation stealermalicious emailmalspamphishingRyuk ransomwarespamspear phishingtrickbot
(Read more...)
|
Spam | ||
|
2019-09-16 16:27:14 | Emotet Revived with Large Spam Campaigns Around the World (lien direct) | Less than a month after reactivating its command and control (C2) servers, the Emotet botnet has come to like by spewing spam messages to countries around the globe. [...] | Spam | ||
|
2019-09-16 11:20:19 | (Déjà vu) New Spam Malware Campaign Targeting Germany. (lien direct) | A new spam campaign is underway that pretends to be a job application from “Eva Richter” who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim’s files by installing the Ordinypt Wiper. Ordinypt is a destructive malware commonly targeted at German people that […] | Spam Malware | ||
|
2019-09-16 10:56:29 | Spam Campaign Targeting German Users with Ordinypt Malware (lien direct) | A new spam campaign is attempting to infect German-speaking users with samples of the destructive Ordinypt malware family. According to Bleeping Computer, the campaign sent spam emails masquerading as a job application from someone named Eva Richter. These messages supported this claim by using the subject line “Bewerbung via Arbeitsagentur – Eva Richterwhich,” which translates […]… Read More | Spam Malware | ||
 |
2019-09-14 21:48:20 | Les cybercriminels misent toujours davantage sur les techniques de contournement des antimalwares (lien direct) | De nombreux outils modernes de malware intègrent des fonctionnalités pour contourner les antivirus et autres mesures de détection : les cybercriminels ont affûté leurs armes pour gagner en furtivité, déjouer les analyses antimalware et éviter de se faire détecter. À titre d’exemple, une campagne de spam illustre comment les assaillants utilisent et affinent ces techniques … Continue reading Les cybercriminels misent toujours davantage sur les techniques de contournement des antimalwares | Spam Malware | ||
|
2019-09-14 01:51:17 | (Déjà vu) Destructive Ordinypt Malware Hitting Germany in New Spam Campaign (lien direct) | A new spam campaign is underway that pretends to be a job application from "Eva Richter" who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim's files by installing the Ordinypt Wiper. [...] | Spam Malware | ||
|
2019-09-14 01:51:17 | New Fake \'Eva Richter\' Resume Spam Aims to Destroy Files (lien direct) | A new spam campaign is underway that pretends to be a job application from "Eva Richter" who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim's files by installing the Ordinypt Wiper. [...] | Spam | ||
|
2019-09-07 10:30:00 | Google Calendar Spam Got You Down? A Fix Is on The Way (lien direct) | Google is working on a solution to stop spammers from abusing a Google Calendar feature designed to automatically add event invitations to its users' calendars after receiving countless reports about spam events over the last few months. [...] | Spam | ||
|
2019-09-05 12:09:05 | Spam Campaign Abuses PHP Functions for Persistence, Uses Compromised Devices for Evasion and Intrusion (lien direct) | We found a spam campaign that uses compromised devices to attack vulnerable web servers. From the devices, attackers use a PHP script to send an email with an embedded link to a scam site to specific email addresses. The use of compromised devices for attacks make attribution difficult, and attackers can have repeated access to the server even after patching. | Spam | ||
 |
2019-09-03 18:56:00 | Spam In your Calendar? Here\'s What to Do. (lien direct) | Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working. But periodically they circle back to old tricks, and few spam trends are as perennial as calendar spam, in which invitations to click on dodgy links show up unbidden in your digital calendar application from Apple, Google and Microsoft. Here's a brief primer on what you can do about it. | Spam | ||
|
2019-09-02 20:52:00 | Feds Allege Adconion Employees Hijacked IP Addresses for Spamming (lien direct) | Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOnSecurity has learned that the charges are likely just the opening salvo in a much larger, ongoing federal investigation into the company's commercial email practices. | Spam | ||
|
2019-09-02 11:12:01 | Brexit Cyber Threat: MPs Hit With 2 Million Scam Emails Every Month (lien direct) | MPs and House of Commons staff were hit with 20,973,102 cyber attacks through spam emails in the most recent financial year, according to official figures. The data, released under the freedom of information act, revealed on average 1.9 million junk email attacks were sent to Parliamentary staff including phishing, viruses and malware, all of which was … The ISBuzz Post: This Post Brexit Cyber Threat: MPs Hit With 2 Million Scam Emails Every Month | Spam | ||
|
2019-08-30 16:53:02 | Phishing Attacks Increase By 21% In Q2 2019 (lien direct) | According to recent research from Kaspersky, the number of worldwide phishing attacks detected by Kaspersky hit 129.9 million during the second quarter of 2019. During the most recent quarter, the average percentage of spam in global mail traffic hit 57.6%, up 1.67 percentage points from the previous year’s quarter The largest share of spam was seen in … The ISBuzz Post: This Post Phishing Attacks Increase By 21% In Q2 2019 | Spam | ||
|
2019-08-27 13:59:04 | (Déjà vu) Infiltration de votre agenda Google (lien direct) | Retour en force du spam via l’agenda Google. Une attaque que les malveillants ressortent de leur tiroir. Plusieurs lecteurs de Data Security Breach se sont étonnés de mystérieux messages apparus dans leur agenda Google. Des rendez-vous proposant des rencontres via des sites pour adultes. Bref, un spam et des publicités non sollicités via ce support. … Continue reading Infiltration de votre agenda Google | Spam | ||
|
2019-08-27 13:59:04 | Infiltration de votre agende Google (lien direct) | Retour en force du spam via l’agenda Google. Une attaque que les malveillants ressortent de leur tiroir. Plusieurs lecteurs de Data Security Breach se sont étonnés de mystérieux messages apparus dans leur agenda Google. Des rendez-vous proposant des rencontres via des sites pour adultes. Bref, un spam et des publicités non sollicités via ce support. […] | Spam | ||
 |
2019-08-27 07:30:05 | Won a free iPhone? No, it\'s Calendar spam (lien direct) | An increasing number of people are reporting that their calendars are being bombarded with spam invitations. Here is how to stop them appearing in your Google calendar. | Spam | ||
|
2019-08-25 08:01:04 | Internal Revenue Service warns taxpayers of a malware campaign (lien direct) | The Internal Revenue Service (IRS) is warning of an active IRS impersonation scam campaign sending spam emails to distribute malware. The Internal Revenue Service (IRS) issued an alert to warn taxpayers of a new scam campaign distributing malware. Last week the US agency has received several reports from taxpayers that received spam messages with “Automatic Income […] | Spam Malware | ||
|
2019-08-23 15:32:01 | IRS Warns Taxpayers of New Scam Campaign Distributing Malware (lien direct) | The Internal Revenue Service (IRS) issued today a warning to alert taxpayers and tax professionals of an active IRS impersonation scam campaign sending spam emails to deliver malicious payloads. [...] | Spam Malware | ||
 |
2019-08-19 11:24:05 | (Déjà vu) Varenyky cible les Français et prend des captures d\'écran durant la consultation de sites pornographiques (lien direct) |  Les chercheurs d'ESET ont découvert une série de campagnes de spam ciblant spécifiquement la France. Ces campagnes distribuent un code malveillant baptisé " Varenyky " par les chercheurs d'ESET. À l'image de beaucoup d'autres bots de ce type, Varenyky peut bien sûr envoyer du spam ou voler des mots de passe. Mais là où il se distingue, c'est qu'il est aussi capable d'espionner les écrans de ses victimes lorsqu'elles regardent du contenu sexuel en ligne. |
Spam | ||
 |
2019-08-14 21:45:48 | Threat hunting using DNS firewalls and data enrichment (lien direct) | After seeing a few advertisements about DNS firewalls and how expensive they are, I want to share my experience with blue teamers about how DNS firewalls work and how that knowledge can be used for in-house threat hunting solutions and/or building your own DNS firewall (aka do it yourself). These are examples of an approach to detect malicious behaviour, not a tailor made solutions.At the beginning I would like to highlight that it's a good practice to monitor not only logs but also DNS traffic in real time. Such traffic isn't encrypted and if you only check DNS server logs then you can miss direct requests to other DNS servers. Additionally you can also use recently published version of Sysmon [https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon] which supports DNS queries in event ID 22 (DNSEvent).The DNS queries used below that end with | Spam Malware Threat Guideline | APT 18 |
To see everything:
Our RSS (filtrered)
