SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Emotet employs Windows 10 update lures
Description: The popular malware Emotet now lures users into clicking with a fake Windows 10 Update. This social engineering tactic arrives in emails with distracting body text such as current-events articles or bogus shipping information. Opening the email's attachments triggers the update notification. Enabling editing on the attachment then allows Emotet to infect the system.
Snort SIDs: 56046, 56047
Title: F2FS toolset contains multiple vulnerabilities
Description: F2FS is a filesystem toolset commonly found in embedded devices that creates, verifies and/or fixes Flash-Friendly File System files. An attacker could provide a malicious file to the target to trigger these vulnerabilities, causing a variety of negative conditions for the target. The tool contains two code execution vulnerabilities for multiple devices, and an information disclosure vulnerability in init_node_manager and dev_read.
References: https://blog.talosintelligence.com/2020/10/vuln-spotlight-f2fs-tools-.html
Snort SIDs: 53684, 53685, 53729 - 53732