SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: NetWire RAT reappears with financial motivations
Description: Security researchers recently discovered a new variant of the NetWire remote access trojan being spread via fake business emails. Attackers are sending supposed invoices from legitimate-looking emails that download the RAT. Once infected, NetWire carries out a series of malicious actions that all appear aimed at stealing users' financial information and logins. NetWire first emerged in 2012, and has since gone through various iterations across multiple adversaries.
Snort SIDs: 53026 - 53030
Title: Cisco small business switches open to denial of service attacks
Description: Cisco disclosed two high-severity vulnerabilities in some of its small business switches. An attacker could exploit these vulnerabilities to carry out denial-of-service attacks or obtain sensitive information. The Series Smart Switches, Series Managed Switches and Series Stackable Managed Switches are all vulnerable, though a patch is now available. Cisco said in its vulnerability advisory that it was unaware of active exploitation of any of these vulnerabilities.
Snort SIDs: 52993 - 52998