Products & Services
Support

Product Categories


Popular Downloads


Manage Software

How to Buy

For Home

Linksys Products Store
Linksys is now part of Belkin
Products for everyone

All Ordering Options

Training & Events Partners
Guest

Threat Outbreak Alert

Threat Outbreak Alert: Fake Scanned Document E-mail Messages on June 2, 2014

 
Threat Type:IntelliShield: Threat Outbreak Alert
IntelliShield ID:21429
Version:40
First Published:2010 September 30 15:29 GMT
Last Published:2014 June 03 11:44 GMT
Port: Not available
Urgency:Possible use
Credibility:Confirmed
Severity:Mild Damage
 
Version Summary:Cisco Security Intelligence Operations has detected significant activity on June 2, 2014.
 

Description
 
Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a scanned document. The text in the e-mail message instructs the recipient to open a .zip attachment to view the document. However, the .zip attachment contains a malicious .exe file that, when executed, attempts to infect the system with malicious code.

E-mail messages that are related to this threat (RuleID3005, RuleID3147, RuleID2970KVR, RuleID2970KVR_1, RuleID2970_2KVR, RuleID4217, RuleID4311, RuleID2970KVR_3 and RuleID2970KVR_4) may contain any of the following files:

Xerox_Scan_N0032-42344250.zip
Xerox_Scan_N0032-42344250.doc.exe
Scanned_Document.zip
Scanned_Document.doc.exe
Scanned_Documents.DOC.exe
Firma_Info_1110.zip
Firma_Info_1110.Pdf____.exe
Doc16.12.2010Scanned.zip
Doc16.12.2010Scanned.DOC_____.exe
Empressa.zip
Empressa.Pdf_____.exe
Fotodc002.zip
Fotodc002.Jpg _____.exe
Foto.zip
Foto.Jpg_____.exe
Changelog_29.03.2011.zip
Changelog_29.03.2011____.DOC____.exe
EX-38463.pdf.zip
EX-38463.pdf.exe
FTOSDOCEL.zip
DSC_903_06_2011_.JPG.scr
DSC_902_06_2011_.JPG.scr
DSC_901_06_2011_.JPG.scr
tipos-de-xana.pps.zip
tipos-de-xana.pps.exe
Tipos_De_Xana.pps.zip
Tipos_De_Xana.pps.exe
gRr472410.zip
invoce_NR71895776627118773.doc_____.exe
report_082011-65.pdf.zip
report_082011-65.pdf.exe
HP_Document_09.13_eZ8198.zip
HP_Officejet_Z893-994_SCAN.doc.exe
report_092011-78.pdf.zip
report_092011-78.pdf.exe
HP_Scan_09.13_XZ4095.zip
HP_Officejet_Z8093-994_SCAN.doc.exe
Flatologia.pps.zip
Flatologia.pps.exe
report.pdf.exe
Tipos_De_Peido.pps.zip
Tipos_De_Peido.pps.exe
dieta do seo.html.zip
dieta do seo.html.exe
Fire Safety Guidance.pdf.zip
Fire Safety Guidance.pdf.exe
HP_Doc_06.04-96701.htm
Scan.zip
Hewlett-Packard_NetJet_XP888354-SCAN.exe
rapidfax-6CDA0992C3.zip
RapidFAX_id_000032487263443568072038473204757304170475909
63982374102837504356891735-4635032459875086814-56389562349.pdf.exe

Contract39872.zip
Contract39872.pdf.exe
Contract09832.zip
Contract09832.pdf.exe
rapidfax-8683028719.zip
RapidFAX.pdf.exe
rapidfax-E8800549C2.zip
RapidFAX_MCID.pdf.exe
Changes 2013.zip
Changes 2013.pdf.exe
Employment 2013.zip
Employment 2013.pdf.exe
EmploymentChanges.zip
EmploymentChanges.pdf.exe
12-07-2012-02.zip
12-07-2012-02.PDF.exe
FAX_20122212_1331130437_0.PDF.zip
eFax.inbound.pdf.exe
FAX_20122412_5457726331_8.zip
BlackBerryID instructions.zip
BlackBerryID instructions.pdf.exe
Xerox0598331966.zip
Xerox658940436722.pdf.exe

Contract_A0914.zip
Contract_AllenkINC.doc.exe

Extrato.pdf.zip
Extrato.pdf.exe

128,980 Euro.pdf.zip
128,980 Euro.pdf.exe
756934230284873_txt.exe
756934230284873_txt.zip

tmp_488723456729853_txt.zip
488723456729853_txt.exe

The Xerox_Scan_N0032-42344250.doc.exe file has a file size of 65,536 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x22B2CF601D83F7E92F46A4D68C880FB5

The Scanned_Document.doc.exe file has a file size of 41,472 bytes. The MD5 checksum is the following string: 0x0D1448F3F8990272E4D558A3CA6C1CC3

The Scanned_Document.DOC.exe file has a file size of 43,008 bytes. The MD5 checksum is the following string: 0xEB7753949819409A8B13D650FC473B53

The Firma_Info_1110.Pdf____.exe file has a file size of 147,456 bytes. The MD5 checksum is the following string: 0xDAF9245C1BE609A72B0E5BF15AC75595

The Doc16.12.2010Scanned.DOC_____.exe file has a file size of 151,040 bytes. The MD5 checksum is the following string: 0x651EA5E4161178D3DD75D3F77176AA3C

The Empressa.Pdf_____.exe file in the Empressa.zip attachment has a file size of 155,136 bytes. The MD5 checksum is the following string: 0x1C14C9425D4F7E4A8EBB65DBB9F37FA6

The Fotodc002.Jpg _____.exe file in the Fotodc002.zip attachment has a file size of 129,536 bytes. The MD5 checksum is the following string: 0x3E2E86ECED0FCB0E6AB618BB5447988C

The Foto.Jpg_____.exe file in the Foto.zip attachment has a file size of 182,784 bytes. The MD5 checksum is the following string: 0x70D455EF2A7CA65486E96D7A33A33AD3

The Changelog_29.03.2011____.DOC____.exe file in the Changelog_29.03.2011.zip attachment has a file size of 23,552 bytes. The MD5 checksum is the following string: 0xAADD19F30F37EB44A101C8AD20956F36

The EX-38463.pdf.exe file in the EX-38463.pdf.zip attachment has a file size of 14,848 bytes. The MD5 checksum is the following string: 0x5085794E6C283EBCFA3878805B9E7BE7

The DSC_903_06_2011_.JPG.scr file in the FTOSDOCEL.zip attachment has a file size of 181,030 bytes. The MD5 checksum is the following string: 0xD2C3C3393E74E0E9950B3D953B07F152

The DSC_902_06_2011_.JPG.scr file in the FTOSDOCEL.zip attachment has a file size of 113,446 bytes. The MD5 checksum is the following string: 0xC17F2567086C9FD241F44648E62FBAC8

The DSC_901_06_2011_.JPG.scr file in the FTOSDOCEL.zip attachment has a file size of 113,446 bytes. The MD5 checksum is the following string: 0x0BA5D64159CC8195667310E1899D3E91

The tipos-de-xana.pps.exe file in the tipos-de-xana.pps.zip attachment has a file size of 409,424 bytes. The MD5 checksum is the following string: 0xDA14C6DCBBB157D489C15882EF060681

The Tipos_De_Xana.pps.exe file in the Tipos_De_Xana.pps.zip attachment has a file size of 334,672 bytes. The MD5 checksum is the following string: 0x8E8F5115BD08C93D44B432FF6E38C77F

The invoce_NR71895776627118773.doc_____.exe file in the gRr472410.zip attachment has a file size of 55,296 bytes. The MD5 checksum is the following string: 0x9D1D693CFC835882CC52370BF73EC0DB

The report_082011-65.pdf.exe file in the report_082011-65.pdf.zip attachment has an approximate file size of 1,862,656 bytes. The MD5 checksum is unknown.

The HP_Officejet_Z893-994_SCAN.doc.exe file in the HP_Document_09.13_eZ8198.zip attachment has an approximate file size of 42,332 bytes. The MD5 checksum is the following string: 0x841CDC8BFA5002722F8120CB08A9A986

The report_092011-78.pdf.exe file in the report_092011-78.pdf.zip attachment has an approximate file size of 36,864 bytes. The MD5 checksum is the following string: 0x4E1B90B683AFBA01089F87AB302BCFF9

The HP_Officejet_Z8093-994_SCAN.doc.exe file in the HP_Scan_09.13_XZ4095.zip attachment has an approximate file size of 39,997 bytes.

The Flatologia.pps.exe file in the Flatologia.pps.zip attachment has a file size of 176,115 bytes. The MD5 checksum is the following string: 0xF3BC3E9CCB19060A0141946C0827E42B

The Business Meeting notes Jan 2012.pdf.exe file in the Business_Meeting_Notes_January-2012_O415.zip attachment has a file size of 199,680 bytes. The MD5 checksum is the following string: 0x0A6EBEE8EA9D94C05BCEDAEE37AE990C

The report.pdf.exe file has a file size of 195,072 bytes. The MD5 checksum is the following string: 0x5B9CDA82CF2CB14B9FE991248F97213B

The Tipos_De_Peido.pps.exe file in the Tipos_De_Peido.pps.zip attachment has a file size of 303,604 bytes. The MD5 checksum is the following string: 0x9C5C7662964EB0AF9476BE6D03FBE3DD

The dieta do seo.html.exe file in the dieta do seo.html.zip attachment has a file size of 438,916 bytes. The MD5 checksum is the following string: 0x2145952EC1A75542B2F176530A6D869C

The Fire Safety Guidance.pdf.exe file in the Fire Safety Guidance.pdf.zip attachment has a file size of 28,672 bytes. The MD5 checksum is the following string: 0x762050CA0351195D7665700EDEF505E2

A variant of the Fire Safety Guidance.pdf.exe file in the Fire Safety Guidance.pdf.zip attachment has a file size of 29,184 bytes. The MD5 checksum is the following string: 0xC3B3D6BFEA1205108954863206C34440

A third variant of the Fire Safety Guidance.pdf.exe file in the Fire Safety Guidance.pdf.zip attachment has a file size of 28,672 bytes. The MD5 checksum is the following string: 0x76D1E2A4FBC47EDE2996895398F58CF7

A fourth variant of the Fire Safety Guidance.pdf.exe file in the Fire Safety Guidance.pdf.zip attachment has a file size of 28,160 bytes. The MD5 checksum is the following string: 0xC786163F2612D6D95625D44513BF803B

The HP_Doc_06.04-96701.htm file size is unknown. The MD5 checksum is the following string: 02ce72bfbefe5ba8866d4e87bb9435fd

The Hewlett-Packard_NetJet_XP888354-SCAN.exe file in the Scan.zip attachment has a file size of 92,160 bytes. The MD5 checksum is the following string: 0x5D6EFB51B9C0F5D3E4073B6BD5A717AD

The RapidFAX_id_000032487263443568072038473204757304170475909 63982374102837504356891735-4635032459875086814-56389562349.pdf.exe file in the rapidfax-6CDA0992C3.zip attachment has a file size of 116,224 bytes. The MD5 checksum is the following string: 0x945D8899698AA4113CAF56AF9C510A5E

The Contract39872.pdf.exe file in the Contract39872.zip attachment has a file size of 115,712 bytes. The MD5 checksum is the following string: 0xB47A855962DE2C00B1B517A72799195F

The Contract09832.pdf.exe file in the Contract09832.zip attachment has a file size of 115,712 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x45199CF1DD12B02B10B8D1A574D5AE2A

The RapidFAX.pdf.exe file in the rapidfax-8683028719.zip attachment has an approximate file size of 104,673 bytes. The MD5 checksum is not available.

The RapidFAX_MCID.pdf.exe file in the rapidfax-E8800549C2.zip attachment has a file size of 117,248 bytes. The MD5 checksum is the following string: 0xF15563DAF174CB636A8BE50DEA8B3B

The Changes 2013.pdf.exe file in the Changes 2013.zip attachment has a file size of 147,456 bytes. The MD5 checksum is the following string: 0xD22F8CD72E0608DE24711F3AC5497997

The Employment 2013.pdf.exe file in the Employment 2013.zip attachment has a file size of 147,456 bytes. The MD5 checksum is the following string: 0x7523C051170DC4AA8064D84E312FB5ED

The EmploymentChanges.pdf.exe file in the EmploymentChanges.zip attachment has a file size of 116,736 bytes. The MD5 checksum is the following string: 0xFEF81AEBD7B7B6F8858EDCB07AA89276

The 12-07-2012-02.PDF.exe file in the 12-07-2012-02.zip attachment has a file size of 135,168 bytes. The MD5 checksum is the following string: 0x731DBDDE9AAE996FA783942B12847FB1

The eFax.inbound.pdf.exe file in the FAX_20122212_1331130437_0.PDF.zip attachment has a file size of 111,104 bytes. The MD5 checksum is the following string: 0x66924E60B090B0B1B990DCDC03D921CE

A variant of eFax.inbound.pdf.exe file in the FAX_20122412_5457726331_8.zip attachment has a file size of 111,104 bytes. The MD5 checksum is the following string: 0x503A5EBF1A2F3A57384DF48D18CD16C1

The BlackBerryID instructions.pdf.exe file size in the BlackBerryID instructions.zip attachment is unavailable. The MD5 checksum is the following string: 0x7aae153d8ad471396f08185cafa21455

The Xerox658940436722.pdf.exe file in the Xerox0598331966.zip attachment has a file size of 58,215 bytes. The MD5 checksum is the following string: 0x54569BDF48B6ABD2E19B79B27DBF5E63

The Contract_AllenkINC.doc.exe file in the Contract_A0914.zip attachment has a file size of 106,496 bytes. The MD5 checksum is the following string: 0x0BB43A92A9AB85C68E42FAE201EF5267

The Extrato.pdf.exe file in the Extrato.pdf.zip attachment has a file size of 433,152 bytes. The MD5 checksum is the following string: 0x0872D525B203FE6DC4023FC26ECFEC4E

The 128,980 Euro.pdf.exe file in the 128,980 Euro.pdf.zip attachment has a file size of 1,512,151 bytes. The MD5 checksum is the following string: 0x66A351EDA17CA95C33D32A4530A61C3F

The 756934230284873_txt.exe file in the 756934230284873_txt.zip attachment has a file size of 237,568 bytes. The MD5 checksum is the following string: 0x3BA7C88BC0542F94368C9F6EDFA0E257

The 488723456729853_txt.exe file in the HP_Document_09.13_eZ8198.zip attachment has an approximate file size of 42,332 bytes. The MD5 checksum is the following string: 0x841CDC8BFA5002722F8120CB08A9A986

The following text is a sample of the e-mail message that is associated with this threat outbreak:

Subject: Scan from a Xerox WorkCentre P5014497

Message Body:

Good afternoon,
Please open the attached document. It was scanned and sent to you using a Xerox WorkCentre Pro.


Sent by: Guest
Number of Images: 1
Attachment File Type: ZIP [DOC]


WorkCentre Pro Location: machine location not set Device Name: XRX2090AA7ACDB45466972.

Or

Subject: Re: Empresa Consulta.

Message Body:

Buenos dias.

La respuesta a su conuslta de un perfil en nuestra paigna web al 17.02.2011.
Estadisticas incluidas en el archivo, sera un plcaer colaborar en el futuro.


ID: RFUYZaBFL

--=20
Best regards,
Empresa Consulta INC.

Or

Subject: The ACH transaction (ID:39410329 ) was canceled

Message Body:

ACH Payment Canceled
The ACH transaction (ID:39410329 ),
recently initiated from your checking account (by you or any other person),
was canceled by the other financial institution.
Rejected transaction
Transaction ID: 39410329
Reason for rejection: See details in the attachment
Transaction Report: report_092011-78.pdf.exe (self-extracting archive, Adobe PDF)
13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 (703)561-1100 2011 NACHA - The Electronic Payment Association

Or

Subject: dieta do seo, ja conhecia essa?

Message Body:

seo e bom, perder peso tambem, os dois juntos e maravilhoso

Or

Subject: Fw: Materials for a scheduled Public Safety event [Fraud?]

Message Body:

Dear Colleagues
It might be useful for you to know that we are taking part in a joint event
with Fire and Counter Terrorism Safety including three written tests on
Wednesday.
Last year three in ten employees surveyed could not pass the Fire Safety
test.
Each of you will find enclosed a Fire Instruction Notices and your role
description. Please study the enclosed materials before April, 18.
Kind regards,
Jamar Reister
Department of Human Resources

Or

Subject: FW:Enclosed Tutoring Materials

Message Body:

Dear Associates
It might be useful for you to know that we are having a joint event with Fire and Counter
Terroirsm Safety inlcuding four written tests on Tuesday.
Last month two in ten emplyoees surevyed could not pass the Fire Safety test.
Each of you will find enclosed a Fire Safety Policy
and your role descrpition. Please study the enclosed materials before April.

Or

Subject: Scan from a Hewlett-Packard ScanJet #621954

Message Body:

Attached document was scanned and sent
to you using a Hewlett-Packard HP Officejet 4430P.
Sent by: CLARENCE
Images : 9
Attachment Type: .HTM [INTERNET EXPLORER]
Hewlett-Packard Officejet Location: machine location not set
Device: ODS899LA5DS9286177

Or

Subject: Inbound Fax

Message Body:

A fax has been received.
MCFID = 07160869
Time Received = Mon, 03 Dec 2012 14:36:46 +0100
Fax Number = 6062663810
ANI = 1744696417
Number of Pages = 11
CSID = 05704862701
Fax Status Code = Successful
Please do not reply to this email.
RapidFAX Customer Service
www.rapidfax.com
©2012 j2 Global, Inc. All rights reserved. RapidFAX is a registered trademark.

Or

Subject: Please review & sign your document

Message Body:

DocuSign Logo
Please review & sign your document
Sent on behalf of DocuSign Customer Service at DocuSign, Inc.
All parties have completed the envelope 'Please DocuSign this document:
Contract08252.pdf'.
To view or print the document download the attachment .
(self-extracting archive, Adobe PDF)
LEARN MORE: New Features | Tips & Tricks | Video Tutorials
DocuSign. The fastest way to get a signature.
If you have questions regarding this notification or any enclosed documents
requiring your signature, please contact the sender directly. For technical
assistance with the signing process, you can email support.
This message was sent to you by Yvonne McFadden who is using the DocuSign
Electronic Signature Service. If you would rather not receive email from
this sender you may contact the sender with your request.

Or

Subject: Please review & sign your document

Message Body:

DocuSign Logo
Please review & sign your document
Sent on behalf of DocuSign Customer Service at DocuSign, Inc.
All parties have completed the envelope 'Please DocuSign this document: Contract59479.pdf'.
To view or print the document download the attachment .
(self-extracting archive, Adobe PDF)
LEARN MORE: New Features | Tips & Tricks | Video Tutorials
DocuSign. The fastest way to get a signature.
If you have questions regarding this notification or any enclosed documents requiring your signature, please contact the sender directly. For technical assistance with the signing process, you can email support.
This message was sent to you by Yvonne McFadden who is using the DocuSign Electronic Signature Service. If you would rather not receive email from this sender you may contact the sender with your request.

Or

Subject: Confidential - to ALL Employees

Message Body:

DocuSign Logo
Your document has been completed
Sent on behalf of administrator@ankauf.freihaendler.de.
All parties have completed the envelope 'Please DocuSign this document: Important Changes 2013.pdf'.
To view or print the document download the attachment .
(self-extracting archive, Adobe PDF)
This document contains information confidential and proprietary to ankauf.freihaendler.de
LEARN MORE: New Features | Tips & Tricks | Video Tutorials
DocuSign. The fastest way to get a signature.
If you have questions regarding this notification or any enclosed documents requiring your signature, please contact the sender directly. For technical assistance with the signing process, you can email support.
This message was sent to you by administrator@ankauf.freihaendler.de who is using the DocuSign Electronic Signature Service. If you would rather not receive email from this sender you may contact the sender with your request.

Or

Subject: Confidential - to ALL Employees

Message Body:

DocuSign Logo
Your document has been completed
Sent on behalf of administrator@preci-spark.uk.com.
All parties have completed the envelope 'Please DocuSign this document: Employment 2013.pdf'.
To view or print the document download the attachment .
(self-extracting archive, Adobe PDF)
This document contains information confidential and proprietary to preci-spark.uk.com
LEARN MORE: New Features | Tips & Tricks | Video Tutorials
DocuSign. The fastest way to get a signature..
If you have questions regarding this notification or any enclosed documents requiring your signature, please contact the sender directly. For technical assistance with the signing process, you can email support.
This message was sent to you by administrator@preci-spark.uk.com who is using the DocuSign Electronic Signature Service. If you would rather not receive email from this sender you may contact the sender with your request.

Or

Subject: Confidential - to ALL Employees

Message Body:

DocuSign Logo
Your document has been completed
Sent on behalf of administrator@miffcrffodf.com.
All parties have completed the envelope 'Please DocuSign this document:
Employment Changes 2013.pdf'.
To view or print the document download the attachment .
(self-extracting archive, Adobe PDF)
This document contains information confidential and proprietary to
miffcrffodf.com
LEARN MORE: New Features | Tips & Tricks | Video Tutorials

Or

Subject: Scan from a Xerox WorkCentre

Message Body:

Hello,
Please download the document. It was scanned and sent to you using a Xerox multifunction device.
Sent by: "Kareem Milton"
Number of attachments: 1 Attachment
File Type: pdf
Multifunction device Location: Machine location not set
Device Name: Xerox0869
For more information on Xerox products and solutions, please visit http://www.xerox.com

Or

Subject: Your BlackBerry ID has been created

Message Body:

Your BlackBerry ID has been created
Hello,
You've created a BlackBerry ID!
To enjoy the full benefits of your BlackBerry ID, please follow the instructions in the attached file
BlackBerry ID is your universal BlackBerry key. Here's what it offers:
One sign in for all BlackBerry applications, services, and websites.
Automatic transfer of some email accounts and services when you switch smartphones.
Full access to all features in BlackBerry App World™ storefront.
Protection of financial transactions using BlackBerry services.
You can learn more about BlackBerry ID by visiting https://blackberryid.blackberry.com/
The BlackBerry Team
This email has been automatically generated. Please do not reply to this email.
If you have not previously indicated that you wish to receive emails from Research In Motion Limited and/or its affiliated companies regarding exclusive offers and updates about BlackBerry products and services and you would like to do so, please click here.
Research In Motion Limited, 295 Phillip St., Waterloo, Ontario, Canada, N2L 3W8
2012 Research In Motion Limited. All rights reserved. BlackBerry, RIM, Research In Motion and related trademarks, names and logos are the property of Research In Motion Limited and are registered and/or used in the U.S. and countries around the world.

The malware associated with this threat outbreak belongs to the Trojan.Sasfis family. This trojan could modify the system registry and download and install additional malware on the system by communicating with arbitrary hosts on the Internet.

Cisco Security Intelligence Operations analysts examine real-world e-mail traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global e-mail security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases.

Cisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. E-mail that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam e-mail and hostile web URLs from being passed to the end user.

Related Links
Cisco Security Intelligence Operations
Cisco Threat Operations Center
Cisco SenderBase Security Network
 
Alert History
 

Version 39, May 19, 2014, 8:11 AM: Cisco Security Intelligence Operations has detected significant activity on May 18, 2014.

Version 38, January 24, 2014, 7:40 AM: Cisco Security Intelligence Operations has detected significant activity on January 23, 2014.

Version 37, December 19, 2013, 8:47 AM: Cisco Security Intelligence Operations has detected significant activity on December 18, 2013.

Version 36, March 14, 2013, 2:21 PM: Cisco Security Intelligence Operations has detected significant activity on March 13, 2013.

Version 35, February 21, 2013, 4:57 AM: Cisco Security Intelligence Operations has detected significant activity on February 21, 2013.

Version 34, January 15, 2013, 6:46 AM: Cisco Security Intelligence Operations has detected significant activity on January 15, 2012.

Version 33, January 2, 2013, 7:42 AM: Cisco Security Intelligence Operations has detected significant activity on December 24, 2012.

Version 32, December 7, 2012, 12:46 PM: Cisco Security Intelligence Operations has detected significant activity on December 7, 2012.

Version 31, December 5, 2012, 11:30 AM: Cisco Security Intelligence Operations has detected significant activity on December 5, 2012.

Version 30, December 5, 2012, 7:01 AM: Cisco Security Intelligence Operations has detected significant activity on December 4, 2012.

Version 29, December 4, 2012, 9:34 AM: Cisco Security Intelligence Operations has detected significant activity on December 3, 2012.

Version 28, December 3, 2012, 11:27 AM: Cisco Security Intelligence Operations has detected significant activity on December 3, 2012.

Version 27, July 2, 2012, 7:27 AM: Cisco Security Intelligence Operations has detected significant activity on July 2, 2012.

Version 26, July 2, 2012, 12:09 AM: Cisco Security Intelligence Operations has detected significant activity on June 4, 2012.

Version 25, April 18, 2012, 11:38 AM: Cisco Security Intelligence Operations has detected significant activity on April 18, 2012.

Version 24, April 17, 2012, 11:05 AM: Cisco Security Intelligence Operations has detected significant activity on April 16, 2012.

Version 23, April 16, 2012, 11:29 AM: Cisco Security Intelligence Operations has detected significant activity on April 16, 2012.

Version 22, March 30, 2012, 9:51 PM: Cisco Security Intelligence Operations has detected significant activity on March 29, 2012.

Version 21, March 27, 2012, 2:04 PM: Cisco Security Intelligence Operations has detected significant activity on March 27, 2012.

Version 20, January 23, 2012, 12:21 PM: Cisco Security Intelligence Operations has detected significant activity on January 23, 2012.

Version 19, December 15, 2011, 10:49 AM: Cisco Security Intelligence Operations has detected significant activity on December 15, 2011.

Version 18, November 30, 2011, 3:53 PM: Cisco Security Intelligence Operations has detected significant activity on November 29, 2011.

Version 17, September 20, 2011, 7:53 PM: Cisco Security Intelligence Operations has detected significant activity on September 19, 2011.

Version 16, September 19, 2011, 8:20 AM: Cisco Security Intelligence Operations has detected significant activity on September 19, 2011.

Version 15, August 24, 2011, 9:44 AM: Cisco Security Intelligence Operations has detected significant activity on August 24, 2011.

Version 14, August 10, 2011, 11:53 AM: Cisco Security Intelligence Operations has detected significant activity on August 10, 2011.

Version 13, July 18, 2011, 7:39 AM: Cisco Security Intelligence Operations has detected significant activity on July 15, 2011.

Version 12, July 6, 2011, 10:48 AM: Cisco Security Intelligence Operations has detected significant activity on July 6, 2011

Version 11, June 30, 2011, 8:57 AM: Cisco Security Intelligence Operations has detected significant activity on June 30, 2011.

Version 10, April 12, 2011, 11:50 AM: Cisco Security Intelligence Operations has detected significant activity on April 12, 2011.

Version 9, March 30, 2011, 6:50 AM: Cisco Security Intelligence Operations has detected significant activity on March 29, 2011.

Version 8, March 17, 2011, 9:35 AM: Cisco Security Intelligence Operations has detected significant activity on March 17, 2011.

Version 7, March 3, 2011, 10:28 AM: Cisco Security Intelligence Operations has detected significant activity on March 3, 2011.

Version 6, February 17, 2011, 10:53 AM: Cisco Security Intelligence Operations has detected significant activity on February 17, 2011.

Version 5, December 16, 2010, 9:43 AM: Cisco Security Intelligence Operations has detected significant activity on December 16, 2010.

Version 4, November 12, 2010, 8:04 AM: Cisco Security Intelligence Operations has detected significant activity on November 11, 2010.

Version 3, November 8, 2010, 9:27 AM: Cisco Security Intelligence Operations has detected significant activity on November 5, 2010.

Version 2, October 7, 2010, 9:18 AM: Cisco Security Intelligence Operations has detected significant activity on October 6, 2010.

Version 1, September 30, 2010, 11:29 AM: Cisco Security Intelligence Operations has detected significant activity on September 29, 2010.


Product Sets
 
The security vulnerability applies to the following combinations of products.

Primary Products:
IntelliShieldThreat Outbreak Alert Original Release Base

Associated Products:
N/A




Alerts and bulletins on the Cisco Security Intelligence Operations Portal are highlighted by analysts in the Cisco Threat Operations Center and represent a subset of the comprehensive content that is available through Cisco Security IntelliShield Alert Manager Service. This customizable threat and vulnerability alert service provides security staff with access to timely, accurate, and credible information about threats and vulnerabilities that may affect their environment.


LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.
Powered by  IntelliShield