top of page
Security Operations Team

MSS News: Today's Daily Report


Last Updated: 11:27AM EST

Today's News

Today we are seeing targeted Email attacks from104.47.34[.]64 and 105.8.2[.]175.

Clipboard Hijacking Reports - A Clipboard Hijacker targeting bitcoin has affected over 300,000 computers according to Chinese security firm Qihoo 360 Total Security.

Cryptocurrency Mining Bot Targets SSH - A report from Trend Micro

Today's Events

PBot Malware - Several news reports of this Python ad campaign that may by used for other attacks. Event: 28796

Emails (Above) - Continued suspicious emails - Updated to TLP:RED in our data Event: 28795

Spam Messages - We are seeing an uptick in activity from cdn.kustomerapp[.]com and others. In addition we have updated an event 28797 to include a series of suspicious domains associated with this activity.

ASUSWRT Exploits - We are seeing EXPLOIT ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Commands Execution that we have previously reported on. The activity is coming from 179.219.203[.]40. In addition we are still seeing the previous Netcore Router Backdoor Access attempts.

DDOS - Seeing CVE-2016-9312 exploited in DDOS attacks.

IOCS

104.47.34[.]64

105.8.2[.]175

cdn.kustomerapp[.]com

179.219.203[.]40

13 views0 comments
bottom of page