Month: July 2020

Your Swift PrePaymaent Order is Actually CVE-2017-11882Your Swift PrePaymaent Order is Actually CVE-2017-11882

July 14, 2020| admin| 0 Comments

Introduction Last week I came across an interesting email address with an Excel Spreadsheet attachment: There was no content in this email other than FYI and regards. The sender of

Analysis and Deobfuscation of Malicious VBScript URSnif DropperAnalysis and Deobfuscation of Malicious VBScript URSnif Dropper

July 1, 2020| admin| 0 Comments

Introduction On June 25, 2020 I came across the following Tweet posted by @ps66uk emails have an originating IP of 165.138.96.21 WHOIS: Indiana Department of Education@EducateIN pic.twitter.com/6MNjTOmQZz — ps66uk (@ps66uk)

S	M	T	W	T	F	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31