Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User Sanesecurity
(newbie) Wed 07-Jan-15 09:22:49
Print Post

Eliza Fernandes NUCSOFT-Payroll December document malware


[link to this post]
 
Just a heads up about incoming malware hitting hard this morning...

More details on my security blog...

http://sanesecurity.blogspot.co.uk/2015/01/eliza-fer...

Cheers,

Steve
Standard User Banger
(eat-sleep-adslguide) Wed 07-Jan-15 19:48:40
Print Post

Re: Eliza Fernandes NUCSOFT-Payroll December document malwar


[re: Sanesecurity] [link to this post]
 
Getting loads of these and Defender even picked the file up on disk, so Windows Live Mail must drop the file to disk even if it is not opened.

Tim
www.vivaciti.net & freenetname
Billion 7800 on 24 Meg Enta
http://www.thinkbroadband.com/speedtest/results.html...
Standard User panda
(committed) Wed 07-Jan-15 20:13:36
Print Post

Re: Eliza Fernandes NUCSOFT-Payroll December document malwar


[re: Sanesecurity] [link to this post]
 
X-Original-From: eliza_fernandes@nucsoft.co.in
X-CLAMAV-Details: Sanesecurity.Malware.24646.DocHeur.UNOFFICIAL
X-CLAMAV-Results: Infected
smile

Eats shoots and leaves.


Register (or login) on our website and you will not see this ad.

Standard User caffn8me
(knowledge is power) Thu 08-Jan-15 12:30:31
Print Post

Re: Eliza Fernandes NUCSOFT-Payroll December document malwar


[re: Sanesecurity] [link to this post]
 
The new Spam du Jour appears to be;

From: Ieuan James <emerysieuan@gmail.com>
Sunject: invoice EME018.docx

There's a malformed Base64 encoded attachment which is supposed to be a Word document, no doubt with a macro payload.

Less common today is

From: [variable]
Subject: NOVEMBER INVOICE ADVISE

This has a Word document attached too.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User XRaySpeX
(eat-sleep-adslguide) Fri 09-Jan-15 14:18:33
Print Post

Re: Eliza Fernandes NUCSOFT-Payroll December document malwar


[re: Sanesecurity] [link to this post]
 
I had 3 of these in quick succession, all to diff email addys that I had registered with prominent sites that had leaked, incl. Santander & Groupon.

1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC
  Print Thread

Jump to