Rietspoof Malware
Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and offers very little to no information on what audience it targets.
What’s known at the moment is that the malware uses multiple stages to compromise its targets, each of them having very particular capabilities, with one acting as a bot that “can download/upload files, start processes, or initiate a self-destruct function,” and another behaving like a run-of-the-mill downloader.
At this moment, Rietspoof’s end goal, targets, and exact infection chain are not yet known, but one thing is clear: the threat actors behind this malware are accelerating its development and deployment, adding new features and updating or improving the existing ones each day.
Source: BleepingComputer
How do you protect yourself?
Proper security measures must be in place to defend against Rietspoof malware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.
CVE-2019-7815
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address a reported bypass to the fix for CVE-2019-7089 first introduced in 2019.010.20091, 2017.011.30120 and 2015.006.30475 and released on February 12, 2019. Successful exploitation could lead to sensitive information disclosure in the context of the current user.
Affected Versions
Source: Adobe
How do you protect yourself?
WinPot malware
The WinPot ATM jackpotting malware is evolving, as its authors look to solve the obstacles that get in their way. The latest is an effort to help ATM hackers, a.k.a. jackpotters, better target their efforts in order to steal more cash in less time.
Thieves infect ATMs through physical access, i.e., by using USB drives to install malware onto the machine (ATM owners can thus protect themselves through device control and software blacklisting/whitelisting). The USB port is located on the back of the ATM, which the criminals get to by popping open a flange on the front that exposes a hole.
Once the malware is installed, the cybercriminals can force the ATM to dispense cash on demand via a software interface that appears on the ATM’s screen. The effect is a bit like hitting the jackpot on a slot machine, hence the nickname for this kind of strike.
Source: ThreatPost
How do you protect yourself?
Proper security measures must be in place to defend against WinPot malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.