CVE-2017-8570 – WindowsTechs.com

Raccoon Stealer Malware Scurries Past Microsoft Messaging Gateways

Posted on November 22, 2019 by Tom Spring

Financial institutions are in the crosshairs of hackers leveraging the malware to steal sensitive data. Continue reading Raccoon Stealer Malware Scurries Past Microsoft Messaging Gateways→

Posted on July 5, 2019 by Ratnesh Pandey

Posted by Ratnesh Pandey, Alex Holland and Toby Gray. In June 2019, Microsoft issued warnings about a phishing campaign delivering a new variant of the FlawedAmmyy remote access Trojan (RAT), and a spike in the exploitation of CVE-2017-11882&… Continue reading Protect Before You Detect: FlawedAmmyy and the Case for Isolation→

Posted on February 5, 2019 by Myonlinesecurity

Continuing with the masses of different malspam emails arriving overnight to start off this Tuesday Morning 5th February 2019 with its usual early start while I am eating breakfast. They are all typical subjects & email content and all deliver vari… Continue reading Malspam emails overnight Monday 4 February to Tuesday 5 February 2019→

Posted on February 2, 2019 by Myonlinesecurity

Another malware campaign using malformed RTF files involving Microsoft Office Equation Editor exploits to extract or drop a zip file from an embedded ole object containing the payload and an “innocent” lure doc to be displayed. Today it l… Continue reading Formbook via fake invoice using Microsoft Office Equation Editor exploits→

Posted on January 30, 2019 by Myonlinesecurity

Another malware campaign using malformed RTF files involving Microsoft Office Equation Editor exploits to extract or drop a zip file from an embedded ole object containing the payload and an “innocent” lure doc to be displayed. Today it l… Continue reading Azorult via fake inquiry email using Microsoft Office Equation Editor exploits→

Posted on January 14, 2019 by Myonlinesecurity

A slightly different Lokibot campaign this morning. The email is nothing special with a typical subject of CONFIRM OVERDUE INVOICE coming from various email addresses including what is likely to be either a compromised or fraudulently set up email a… Continue reading Lokibot via multiple embedded OLE objects in fake invoice rtf word docs→

Posted on October 16, 2018 by Myonlinesecurity

An email with the subject of “Re: Inquiry” pretending to come from AL SRAIYA HOLDING GROUP, a large consulting group in Qatar but actually coming from “purchase manager <jairus_miguel@bsdnetwork.com.br>” with a malic… Continue reading Lokibot via fake enquiry CVE-2017-8570 malware campaign error→

Posted on September 13, 2018 by Martin Beltov

The CobInt Trojan is a newly devised malware that has been identified in several ongoing attacks. It is an upgraded version of a previous weapon that has the potential of infecting whole networks of computers. A dangerous characteristic of it…Read mo… Continue reading CobInt Trojan Removal Instructions — Restore Your Computer From Infections→

Posted on August 28, 2018 by Myonlinesecurity

Today’s first example of malware received overnight is a slightly less usual delivery method for Lokibot. The email is a common lure pretending to be a quote / Inquiry request and is nothing special. The subject is “Re: Inquiry / Quotes&… Continue reading Slightly different Lokibot delivery via embedded ole objects in rtf word doc→

Posted on April 9, 2018 by Tom Spring

A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware. Continue reading Word Attachment Delivers FormBook Malware, No Macros Required→