sLoad malware

sLoad’s main purpose is to infect Windows PCs, gather information about the infected system, send this information to a command and control (C&C) server, and then wait for instructions to download and install a second malware payload.

The malware exists to serve as a delivery system for more potent malware strains and to help the sLoad gang make money by providing pay-per-install space for other cybercriminal operations (e.g., the Ramnit banking trojan gang).

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against sLoad malware and similar threats. Up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-6858

Schneider Electric is aware of a vulnerability in the MSX Configurator product. An Uncontrolled Search Path Element vulnerability exists that could cause privilege escalation when a malicious DLL is injected.

Source: Schneider Electric

How do you protect yourself?

This vulnerability is fixed in version V1.0.8.1 of the MSX Configurator software.

FTCODE Ransomware

The recently discovered ransomware FTCODE has evolved to include new information-stealing capabilities, and is now infecting victims via VBScript links in phishing emails.

The new iteration, version 1117.1, contains code that steals credentials from Internet Explorer, Mozilla Firefox and Thunderbird, Google Chrome and Microsoft Outlook.

Source: SC Magazine

How do you protect yourself?

Proper security measures must be in place to defend against FTCODE Ransomware and similar threats. Up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.