461 matches found
Astaroth, Mekotio & Ousaban abusing Google Cloud Run in LATAM-focused malware campaigns
Google Cloud Run is currently being abused in high-volume malware distribution campaigns, spreading several banking trojans such as Astaroth aka Guildma, Mekotio and Ousaban to targets across Latin America and Europe. The volume of emails associated with these campaigns has significantly increase...
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay
Impact: A payments info page of Pay is susceptible to reflected Cross-site scripting. An attacker could create a working URL that renders a javascript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If t...
Australian Hacker Charged with Creating, Selling Spyware to Cyber Criminals
A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. Jacob Wayne John Keen, who currently resides at Frankston, Melbourne, is said to have created the remote access trojan R...
Prolific threat actor TA551 using new malware IcedID
THREAT LEVEL: Red. TA551 is a financially motivated threat group that has been active at least since 2018. The gang primarily targeted English, German, Italian, and Japanese speakers through email-based malware distribution activities. IcedID, a...
What's New in InsightVM and Nexpose: Q4 2021 in Review
Greetings, fellow security professionals. As we enter into the new year, we wanted to provide a recap of product releases and features on the vulnerability management (VM) front for Q4 2021. Let's start by talking about the elephant in the room. The end of last year was dominated by Log4Shell, the...
ROS-20220125-05
A vulnerability in the GNU Mailman email distribution management package is related to insufficient validation of the source of an HTTP request. Exploitation of the vulnerability could allow a remote attacker to cause a victim to visit a customized web page and perfo...
FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least sin...
Threat Outbreak Alert RuleID33359: Email Messages Distributing Malicious Software on August 13, 2018
Medium Alert ID: 58740 First Published: 2018 August 15 12:48 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33359 may contain the following files: Name |...
Threat Outbreak Alert RuleID33122: Email Messages Distributing Malicious Software on July 5, 2018
Medium Alert ID: 58376 First Published: 2018 July 5 16:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33122 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID32902: Email Messages Distributing Malicious Software on June 7, 2018
Medium Alert ID: 58063 First Published: 2018 June 7 20:49 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32902 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID32885: Email Messages Distributing Malicious Software on June 7, 2018
Medium Alert ID: 58033 First Published: 2018 June 7 16:16 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32885 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID32838: Email Messages Distributing Malicious Software on May 25, 2018
Medium Alert ID: 57967 First Published: 2018 May 25 18:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32838 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID32706: Email Messages Distributing Malicious Software on May 11, 2018
Medium Alert ID: 57864 First Published: 2018 May 11 13:37 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32706 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID32734: Email Messages Distributing Malicious Software on May 10, 2018
Medium Alert ID: 57851 First Published: 2018 May 10 13:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32734 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID32622: Email Messages Distributing Malicious Software on April 27, 2018
Medium Alert ID: 57617 First Published: 2018 April 30 14:40 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32622 may contain the following files: Name| Siz...
Threat Outbreak Alert RuleID32587: Email Messages Distributing Malicious Software on April 26, 2018
Medium Alert ID: 57610 First Published: 2018 April 30 14:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32587 may contain the following files: Name| Siz...
Threat Outbreak Alert RuleID32581: Email Messages Distributing Malicious Software on April 26, 2018
Medium Alert ID: 57609 First Published: 2018 April 30 14:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32581 may contain the following files: Name| Siz...
Threat Outbreak Alert RuleID32595: Email Messages Distributing Malicious Software on April 26, 2018
Medium Alert ID: 57601 First Published: 2018 April 26 22:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32595 may contain the following files: Name | Si...
Threat Outbreak Alert RuleID32517: Email Messages Distributing Malicious Software on April 19, 2018
Medium Alert ID: 57540 First Published: 2018 April 19 20:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32517 may contain the following files: Name | Si...
Threat Outbreak Alert RuleID32432: Email Messages Distributing Malicious Software on April 16, 2018
Medium Alert ID: 57494 First Published: 2018 April 16 15:42 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32432 may contain the following files: Name | Si...