Emotet Malware

“Emotet has been terrorizing systems worldwide for much of the year, with heavy campaigns in both Q1 and Q3 of 2018. In July 2018, US-CERT released an alert about Emotet and its capabilities,” wrote Adam Kujawa, director of Malwarebytes Labs.

The malware reportedly borrows the propagation and anti-forensic techniques seen in previous complex nation-state attacks, which means that the unique behaviors and tactics of this newest malware are able to withstand attempts at cleanup.

According to Malwarebytes, Emotet malware was detected and removed more than 1.5 million times between January and September 2018, while its telemetry further revealed the detection and removal of TrickBot within a single industry nearly half a million times in the first nine months of 2018.

Source: Infosecurity Magazine

How do you protect yourself?

Proper security measures must be in place to defend against Emotet malware and similar threats. Make sure you only download legitimate apps from the app store and do not click on suspicious links. Up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from cryptomining malware.

CVE-2018-15983

Adobe has released security updates for Adobe Flash Player version 31.0.0.153 and earlier versions for Windows, macOS, Linux and Chrome OS. These updates address one critical vulnerability in Adobe Flash Player and one important vulnerability in the Adobe Flash Player installer. Successful exploitation could lead to arbitrary code execution and privilege escalation in the context of the current user, respectively.

Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.

Source: Adobe

How do you protect yourself?

Update your Adobe Flash Player to the latest version.

DanaBot Trojan

DanaBot is a Trojan written in the Delphi programming language that includes banking site web injections and stealer functions, such as collecting detailed system information and taking screenshots of the user’s desktop.

DanaBot began as an email campaign claiming to be from the NSW Roads and Maritime Services. The messages used the subject “Your E-Toll account statement” and contained URLs redirecting to documents hosted on another site, containing a macro that downloaded DanaBot if enabled.

DanaBot is the latest example of malware focused on persistence and stealing useful information that can later be monetised rather than demanding an immediate ransom from victims.

Source: IT Brief

How do you protect yourself?

Proper security measures must be in place to defend against DanaBot and similar threats. Up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from cryptomining malware. Avoid clicking unknown links and downloading suspicious attachments.