Qakbot Malware

Cofense observed the botnets delivering non-Geodo malware since at least Jan. 28 via increasingly targeted phishing efforts. The attack begins when a user receives a phishing email containing a weaponized Microsoft Office document. That file contains malicious embedded macros that, when enabled, directly deliver Qakbot malware to the victim’s device. Researchers also witnessed the campaign leveraging IcedID, another banking Trojan, as its final payload.

In both cases, the campaign ends by replacing the binary content with that of calc.exe. This tactic is designed to help the campaign hide in plain sight, which signals Geodo’s evolution as a digital threat. Cofense found additional evidence of this evolution in Geodo’s use of targeted addressing, internal signatures and previous threads to prey on state-level government departments in the U.S. as part of a related malware campaign.

Source: Security Intelligence

How do you protect yourself?

Proper security measures must be in place to defend against Qakbot malware and similar threats. Having proper, up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-1986

Google has released a security bulletin detailing several patched vulnerabilities. The most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process.

Source: Android

How do you protect yourself?

Update your Android OS to the latest version.

SpeakUp Backdoor Trojan

A malware campaign distributing a new Backdoor Trojan named SpeakUp is currently targeting servers running six different Linux distributions and macOS by exploiting a number of known security vulnerabilities, while also managing to evade all anti-malware solutions in the process.

Backdoor Trojans are malware that give attackers access to compromised machines and help them control those infected computers using commands sent via command-and-control (C&C) servers.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against the SpeakUp Backdoor Trojan and similar threats. Having proper, up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.