Yoroi-Cybaze cyber security experts: 0-day vulnerability discovered on SOHO Netgear devices. An attacker can execute arbitrary code on the target device and take control of it without authentication. In addition, there is currently no patch.
A 0-day vulnerability has been discovered in various Netgear network device models used in small office and home office (SOHO) environments, Yoroi-Cybaze cyber security experts report. Because of memory management flaws in the firmware's httpd component, which handles user requests to the devices' web interfaces, a network attacker may be able to execute arbitrary code on the target device and take complete control of it without any authentication. This opens up non-negligible risk scenarios, since attacks can also be conducted from outside the local network, for example with the aid of DNS rebinding techniques or exploit kits distributed through malvertising, similar to what happened in the past with the GhostDNS campaigns or in the creation of broad-spectrum botnets. Furthermore, to date there is still no patch available to resolve the flaw.