Threat Outbreak Alert: Email Messages with Malicious Attachments on May 11, 2014

Medium Alert ID: 32599 First Published: 2014 January 28 19:28 GMT Last Updated: 2014 May 13 11:42 GMT Version: 15 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that contain a malicious attachment for the recipient. The text in the email...

Cutwail-Like Wigon.PH_44 Trojan Sends Spam, Steals Data

A new spambot has been discovered that generates copious amounts of HTTP POST and GET requests in an attempt to disguise what it’s really up to and throw off the scent of detection capabilities. “In this case, it seems like it’s trying to hide impactful communication where there are actual payloa...

[PeStudio v7.98] The Static Investigation tool for Windows executable binary

PeStudio is a free tool performing the static investigation of any Windows executable binary. A file being analyzed with PeStudio is never launched. Therefore you can evaluate unknown executable and even malware with no risk. PeStudio runs on any Windows Platform and is fully portable , no...

Threat Outbreak Alert: Fake Photo Attachment Email Messages on January 16, 2014

Medium Alert ID: 32472 First Published: 2014 January 16 20:33 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a photo for the recipient. The text in the email message attempts to convince the recipient to open the...

Rakabulle, Advance File Binder from DarkComet RAT Developer

I hope you all still remember the famous and powerful Remote Administration Tool RAT called 'Dark Comet', developed by a French computer geek 'Jean-Pierre Lesueur', also known as 'DarkCoderSc'. However, He had closed the Dark Comet project, when the Syrian government found to be using it to track...

Threat Outbreak Alert: Fake Transaction Processing Failure Notification Email Messages on January 9, 2014

Medium Alert ID: 32393 First Published: 2014 January 9 21:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a failed transaction notice for the recipient. The text in the email message attempts to convince the recipient...

Threat Outbreak Alert: Fake Confidential Document Delivery Email Messages on January 9, 2014

Medium Alert ID: 32389 First Published: 2014 January 9 18:06 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a confidential document for the recipient. The text in the email message attempts to convince the recipient to...

Threat Outbreak Alert: Fake Bank Statement Email Messages on January 9, 2014

Medium Alert ID: 32387 First Published: 2014 January 9 17:19 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank statement notification from Lloyds Bank Commercial Finance Ltd. for the recipient. The text in the email...

[Anubis] Online Analyzing Unknown Binaries

Anubis is a service for analyzing malware. Submit your Windows executable or Android APK and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL...

Schweitzer Engineering Laboratories AcSELerator Improper Authorization Vulnerability

Overview This advisory provides mitigation details for a vulnerability affecting the Schweitzer Engineering Laboratories SEL AcSELerator QuickSet software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the SEL AcSELerator...

file -- out-of-bounds access in search rules with offsets from input file

Aaron Reffett reports: softmagic.c in file ... and libmagic allows context-dependent attackers to cause a denial of service out-of-bounds memory access and crash via crafted offsets in the softmagic of a PE executable...

Threat Outbreak Alert: Email Messages with Malicious Attachments on December 17, 2013

Medium Alert ID: 32194 First Published: 2013 December 17 16:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an attachment for the recipient. The text in the email message attempts to convince the recipient to open the...

Threat Outbreak Alert: Fake Bank Account Security Information Email Messages on December 11, 2013

Medium Alert ID: 32137 First Published: 2013 December 13 05:36 GMT Version: 1 Summary Cisco Security has detected significant activity related to German-language spam email messages that claim to contain online banking safety information for the recipient. The text in the email message attempts t...

CVE-2013-6810

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition CMCNE, HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file...

Code injection

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition CMCNE, HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file...

CVE-2013-6810

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition CMCNE, HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file...

MS13-098: Vulnerability in Windows Could Allow Remote Code Execution (2893294)

The remote host contains a version of Microsoft Windows that is affected by a remote code execution vulnerability. The vulnerability exists in the method in which the WinVerifyTrust function deals with Windows Authenticode signature verification for portable executable files. An attacker could...

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the forma...

Threat Outbreak Alert: Fake Visa Card Statement Notification Email Messages on December 8, 2013

Medium Alert ID: 32079 First Published: 2013 December 9 20:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a Visa card statement for the recipient. The text in the email message attempts to convince the recipient to...

Threat Outbreak Alert: Fake Package Delivery Failure Notification Email Messages on December 9, 2013

Medium Alert ID: 32095 First Published: 2013 December 9 20:07 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a package delivery failure notification for the recipient. The text in the email message attempts to convince...