Clipsa Malware

A new malware strain named Clipsa has been making the rounds for the past year, infecting users from all over the world.

What stands out about this new threat is that besides classic malware features — such as the ability to steal cryptocurrency wallet files, install a cryptocurrency miner, and hijacking the user’s clipboard to replace cryptocurrency addresses — Clipsa also includes a somewhat strange feature that allows it to launch brute-force attacks against WordPress websites.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Clipsa Malware and similar threats. Ensure your systems have the latest patches installed. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-2130

Android has released its monthly security bulletin for August.

The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted PAC file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.

Source: Android

How do you protect yourself?

Update Android to the latest version.

Echobot Botnet

A new variant of Echobot botnet has been spotted to include over 50 exploits leading to remote code execution (RCE) vulnerabilities in various Internet-of-Things devices.

The latest Echobot variant was found by security researcher Carlos Brendel Alcañiz, and uses 59 different RCE exploits to propagate.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Echobot Botnet and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.