SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Parallax malware-for-sale increasingly spread through spam
Description: The Parallax remote access trojan has been increasingly seen in spam emails as it becomes publicly available on hacker forums. The malware-as-a-service costs roughly $65 a month. Attackers attempt to use the RAT to gain access to a victim's machine, then steal the victim's login credentials and files and execute code. Users are advised to be vigilant for phony emails that may contain malicious links pointing to a Parallax download.
Snort SIDs: 53437 - 53440

Title: Zoho ManageEngine contains remote code execution vulnerability, being exploited in the wild
Description: Attackers are exploiting a remote code execution vulnerability in Zoho ManageEngine in the wild. The bug, identified as CVE-2020-10189, could allow an attacker to have untrusted data deserialized and then execute arbitrary code on the victim machine with SYSTEM or root privileges. One security researcher discovered 2,300 unprotected ManageEngine instances.
Reference: https://www.helpnetsecurity.com/2020/03/10/cve-2020-10189/
Snort SIDs: 53433 - 53435