BlackSquid Malware

A new form of malware has emerged from the depths to attack web servers with a barrage of exploits designed to land illicit cryptocurrency miners.

The overall aim is to compromise web servers, network drives, and removable storage to install XMRig, a Monero cryptocurrency miner script, on target machines.

In addition, BlackSquid is capable of brute-force attacks, uses anti-virtualization, anti-debugging, and anti-sandboxing techniques, and has worm-like propagation capabilities.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against BlackSquid malware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-2093

Android has released its monthly security bulletin. The most severe of these issues is a critical security vulnerability in the Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.

Source: Android

How do you protect yourself?

Ensure your Android device is updated to the latest version.

Maze Ransomware

A variant of the Maze Ransomware, otherwise known as the ChaCha Ransomware, has been spotted being distributed by the Fallout exploit kit. An interesting feature of this ransomware is that it tries to detect whether the computer is a home computer, workstation, domain controller, server, etc., and then states that it changes the ransom amount accordingly.

Source: Bleeping Computer

How do you protect yourself?

Proper security measures must be in place to defend against Maze ransomware and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.