What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-06-26 00:41:01 | Necurs Campaign Uses Internet Query File Attachments (lien direct) | The Necurs botnet has been using Internet Query (IQY) files in recent waves of spam attacks in an ef | Spam | ||
 |
2018-06-22 10:58:05 | Blackmail Campaign Pretending to be WannaCry Is Really Just WannaSpam (lien direct) | A new spam campaign is underway that pretends to be from a group called the "WannaCry-Hack-Team" that states the infamous WannaCry Ransomware has returned, the recipients computer is infected, and they need to send some bitcoins or their files will be deleted. [...] | Spam | Wannacry | |
 |
2018-06-22 05:40:03 | Red Alert 2.0 Android Trojan available for rent in the underground at $500 per Month (lien direct) | According to researchers at Trustwave, the source code of the Red Alert 2.0 Android Trojan is now available for rent on cybercrime underground forums at $500 per month. The experts discovered the latest variant because received a malicious apk via mail and analyzed it. “It all started with a spam message, which curiously had an Android App attachment. […] | Spam | ||
 |
2018-06-21 18:12:05 | Why we might see more spam and phishing post-GDPR (lien direct) | IBM Security's Caleb Barlow explained the unintended consequences of the GDPR, and how the regulation removed essential data security professionals rely on to do their job. | Spam | ||
 |
2018-02-21 14:09:05 | Researchers find free ransomware variant being distributed on the Dark Web (lien direct) | Security researchers have identified a ransomware variant that is available for free on the Dark Web and is even unregistered. The discovery comes at a time when the ransomware trade is running on handsome commissions and bounty-sharing occurs between malware sellers and buyers. The distribution of ransomware among hackers and cyber-criminals on the Dark Web ... | Spam | ||
 |
2017-06-02 08:00:00 | Les acteurs de la menace tirent parti de l'exploit éternel pour livrer des charges utiles non de la wannacry Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads (lien direct) |
L'exploit «eternalblue» ( MS017-010 ) a d'abord été utilisépar Wannacry Ransomware et Adylkuzz Cryptocurrency Miner.Maintenant, plus d'acteurs de menaces tirent parti de la vulnérabilité à MicrosoftProtocole de bloc de messages du serveur (SMB) & # 8211;Cette fois pour distribuer Backdoor.Nitol et Trojan Gh0st Rat.
Fireeye Dynamic Threat Intelligence (DTI) a historiquement observé des charges utiles similaires livrées via l'exploitation de la vulnérabilité CVE-2014-6332 ainsi que dans certaines campagnes de spam par e-mail en utilisant Commandes de versions .Plus précisément, Backdoor.Nitol a également été lié à des campagnes impliquant une exécution de code distante
The “EternalBlue” exploit (MS017-010) was initially used by WannaCry ransomware and Adylkuzz cryptocurrency miner. Now more threat actors are leveraging the vulnerability in Microsoft Server Message Block (SMB) protocol – this time to distribute Backdoor.Nitol and Trojan Gh0st RAT. FireEye Dynamic Threat Intelligence (DTI) has historically observed similar payloads delivered via exploitation of CVE-2014-6332 vulnerability as well as in some email spam campaigns using powershell commands. Specifically, Backdoor.Nitol has also been linked to campaigns involving a remote code execution |
Ransomware Spam Vulnerability Threat | Wannacry | ★★★★ |
|
2015-04-01 15:17:27 | Microsoft Word Intruder (MWI): un nouveau kit d'exploitation de documents Word Microsoft Word Intruder (MWI): A New Word Document Exploit Kit (lien direct) |
Les outils utilisés pour créer des documents malveillants qui exploitent les vulnérabilités dans Microsoft Word sont désormais annoncés dans des forums underground et un nouvel outil a émergé qui offre la possibilité de suivre l'efficacité des campagnes.Le constructeur, Microsoft Word Intruder (MWI), est annoncé comme un outil «APT» à utiliser dans les attaques ciblées.Il s'accompagne d'un ensemble de statistiques appelé «Mwistat» qui permet aux opérateurs de suivre diverses campagnes.
Selon l'auteur, l'utilisation de MWI en collaboration avec le spam est interdite, et ceux qui ignorent ce risque pour que leur permis soit révoquée.Dans
The tools used to create malicious documents that exploit vulnerabilities in Microsoft Word are now being advertised in underground forums and one new tool has emerged that provides the ability to track the effectiveness of campaigns. The builder, Microsoft Word Intruder (MWI), is advertised as an “APT” tool to be used in targeted attacks. It is accompanied by a statistics package known as “MWISTAT” that allows operators to track various campaigns. According to the author, the use of MWI in conjunction with spam is forbidden, and those who ignore this risk having their license revoked. In |
Spam Tool Vulnerability Technical | ★★★★ |
To see everything:
Our RSS (filtrered)
