Rietspoof Malware

 

 

Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and offers very little to no information on what audience it targets.

What’s known at the moment is that the malware uses multiple stages to compromise its targets, each of them having very particular capabilities, with one acting as a bot that “can download/upload files, start processes, or initiate a self-destruct function,” and another behaving like a run-of-the-mill downloader.

At this moment, Rietspoof’s end goal, targets, and exact infection chain are not yet known, but one thing is obvious: the threat actors behind this malware are accelerating its development and deployment, adding new features and updating or improving the existing ones every day.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Rietspoof malware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.

 

CVE-2019-7815

 

 

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address a reported bypass to the fix for CVE-2019-7089, which was first introduced in versions 2019.010.20091, 2017.011.30120 and 2015.006.30475 and released on February 12, 2019. Successful exploitation could lead to sensitive information disclosure in the context of the current user.

Affected Versions

Product | Track | Affected Versions | Platform
Acrobat DC | Continuous | 2019.010.20091 and earlier versions | Windows and macOS
Acrobat Reader DC | Continuous | 2019.010.20091 and earlier versions | Windows and macOS
Acrobat 2017 | Classic 2017 | 2017.011.30120 and earlier version | Windows
Acrobat Reader 2017 | Classic 2017 | 2017.011.30120 and earlier version | Windows
Acrobat DC | Classic 2015 | 2015.006.30475 and earlier versions | Windows
Acrobat Reader DC | Classic 2015 | 2015.006.30475 and earlier versions | Windows

Source: Adobe

How do you protect yourself?

Upgrade Adobe Acrobat and Reader to the latest version.
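
To find which machines still need the upgrade, the affected-version thresholds in the table above can be checked against a software inventory. The script below is an added example, not part of the Adobe advisory; the inventory rows and hostnames are constructed, and it assumes the track of each install is already known and that a two-digit year such as "19.010..." means 2019.

```python
# Added example: flag Acrobat/Reader installs at or below the versions listed
# in the Affected Versions table. Inventory rows are constructed sample data.

# Last affected build per track, taken from the Affected Versions table.
LAST_AFFECTED = {
    "Continuous": (2019, 10, 20091),
    "Classic 2017": (2017, 11, 30120),
    "Classic 2015": (2015, 6, 30475),
}

def parse_version(text):
    """Turn '2019.010.20091' (or the short '19.010.20091' form) into a tuple."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version: {text!r}")
    year, minor, build = (int(p) for p in parts)
    if year < 100:  # assumption: a two-digit year means 20xx
        year += 2000
    return (year, minor, build)

def is_affected(track, version):
    """True if version is at or below the last affected build of its track."""
    if track not in LAST_AFFECTED:
        raise KeyError(f"unknown track: {track!r}")
    return parse_version(version) <= LAST_AFFECTED[track]

def audit(rows):
    """Return (host, product, version, status) for each inventory row."""
    report = []
    for host, product, track, version in rows:
        try:
            status = "AFFECTED" if is_affected(track, version) else "ok"
        except (KeyError, ValueError) as exc:
            # Do not silently pass rows that cannot be evaluated.
            status = f"CHECK MANUALLY ({exc})"
        report.append((host, product, version, status))
    return report

# Constructed inventory: hostnames and installed versions are made up.
SAMPLE = [
    ("ws-01", "Acrobat Reader DC", "Continuous", "2019.010.20091"),
    ("ws-02", "Acrobat Reader DC", "Continuous", "19.010.20100"),
    ("ws-03", "Acrobat 2017", "Classic 2017", "2017.011.30113"),
    ("ws-04", "Acrobat DC", "Classic 2015", "2015.006.30500"),
    ("ws-05", "Acrobat DC", "Classic 2015", "unknown"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row, sep="\t")
```

Rows with a malformed version or an unrecognised track are reported for manual review rather than treated as safe.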

 

WinPot malware

 

 

The WinPot ATM jackpotting malware is evolving, as its authors look to solve the obstacles that get in their way. The latest is an effort to help ATM hackers, a.k.a. jackpotters, better target their efforts in order to steal more cash in less time.

Thieves infect ATMs through physical access, i.e., by using USB drives to install malware onto the machine (ATM owners can thus protect themselves through device control and software blacklisting/whitelisting). The USB port is located on the back of the ATM, which the criminals get to by popping open a flange on the front that exposes a hole.

Once the malware is installed, the cybercriminals can force the ATM to dispense cash on-demand via a software interface that appears on the ATM’s screen. The effect is a bit like hitting the jackpot on a slot machine, hence the nickname for this kind of strike.

Source: ThreatPost

How do you protect yourself?

Proper security measures must be in place to defend against WinPot Malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.