Anchor Malware

In a report, we learn of a new connection between a state-sponsored hacking group (North Korea’s Lazarus Group) and a mundane malware operation (TrickBot).

According to the security researchers, the Lazarus Group has recently become a customer of the TrickBot gang, from whom they rent access to already infected systems, along with a new type of attack framework that researchers are calling Anchor.

Researchers describe Anchor as “a collection of tools” combined into a new malware strain.

The Anchor malware strain is provided as a TrickBot module.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Anchor malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-16449

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: Adobe

How do you protect yourself?

Update Adobe Acrobat and Reader to the latest available version.

Snatch Ransomware

The authors of the Snatch ransomware are using a never-before-seen trick to bypass antivirus software and encrypt victims’ files without being detected.

The trick relies on rebooting an infected computer into Safe Mode, and running the ransomware’s file encryption process from there.

The reason for this step is that most antivirus software does not start in Windows Safe Mode, a Windows state meant for debugging and recovering a corrupt operating system.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Snatch ransomware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.
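
Because the trick described above depends on forcing a reboot into Safe Mode, one useful detection is a Safe Mode boot setting followed shortly by a restart command on the same host. The Python below is an added example, not code from the ZDNet report or any vendor. It assumes the standard Windows ways of forcing Safe Mode (the `bcdedit` `safeboot` option and the `SafeBoot` registry key), which the summary above does not name; the event tuple layout and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

# Standard Windows mechanisms for making the next boot a Safe Mode boot.
# Assumption: the article does not say which one the ransomware uses.
SAFEBOOT_SET = re.compile(r"\bbcdedit(\.exe)?\b.*\s[/-]set\b.*\bsafeboot\b", re.I)
SAFEBOOT_KEY = re.compile(r"\\Control\\SafeBoot\\(Minimal|Network)\\", re.I)
REBOOT_CMD = re.compile(r"\bshutdown(\.exe)?\b.*\s[/-]r\b", re.I)

def find_safemode_reboots(events, window=timedelta(minutes=10)):
    """Return (host, change_time, reboot_time) for each host where a Safe Mode
    boot setting is followed by a restart command within `window`.

    events: iterable of (iso_time, host, kind, detail), where kind is
    "process" (detail = command line) or "registry" (detail = key path).
    This layout is hypothetical; map your EDR or Sysmon fields onto it.
    """
    pending = {}  # host -> time of the latest Safe Mode configuration change
    alerts = []
    for iso_time, host, kind, detail in sorted(events):
        when = datetime.fromisoformat(iso_time)
        if (kind == "process" and SAFEBOOT_SET.search(detail)) or \
           (kind == "registry" and SAFEBOOT_KEY.search(detail)):
            pending[host] = when
        elif kind == "process" and REBOOT_CMD.search(detail):
            changed = pending.pop(host, None)
            if changed is not None and when - changed <= window:
                alerts.append((host, changed.isoformat(), when.isoformat()))
    return alerts

# Constructed sample events (not taken from a real incident).
SAMPLE_EVENTS = [
    ("2019-12-10T09:00:05", "WS-01", "process",
     r"C:\Windows\System32\bcdedit.exe /set {default} safeboot minimal"),
    ("2019-12-10T09:00:40", "WS-01", "process", "shutdown.exe /r /f /t 00"),
    # Ordinary reboot with no Safe Mode change: must not alert.
    ("2019-12-10T09:05:00", "WS-02", "process", "shutdown.exe /r /t 60"),
    # Service registered to load in Safe Mode, then a restart.
    ("2019-12-10T10:00:00", "WS-03", "registry",
     r"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ExampleSvc\(Default)"),
    ("2019-12-10T10:02:00", "WS-03", "process", "shutdown /r /t 0"),
    # Admin removing the Safe Mode flag before rebooting: must not alert.
    ("2019-12-10T11:00:00", "WS-04", "process", "bcdedit /deletevalue {default} safeboot"),
    ("2019-12-10T11:01:00", "WS-04", "process", "shutdown /r /t 0"),
]

if __name__ == "__main__":
    for alert in find_safemode_reboots(SAMPLE_EVENTS):
        print("Safe Mode reboot sequence:", alert)
```

Legitimate troubleshooting also produces this sequence, so treat a hit as a triage lead and check which process issued the commands.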