IPStorm Malware

A new malware campaign aimed at Windows machines features a novel technique to control the resulting botnet, with the group behind it hiding their communications using a P2P network.

It’s not known who the author of IPStorm is or where they are operating from, but the malware has a ‘reverse shell’ functionality that can allow hackers to execute arbitrary PowerShell code on the infected machine.

What’s interesting about the malware, according to researchers at cybersecurity firm Anomali, is that it is the first malware found in the wild to use IPFS’ P2P network for its command and control communication. By using a legitimate P2P network, the malware can hide its network traffic among legitimate P2P network traffic.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against IPStorm malware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-7845

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player versions 32.0.0.192 and earlier. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: Adobe

How do you protect yourself?

Ensure Adobe Flash Player is updated with the latest version (Version 32.0.0.207).

Buran Ransomware

The RIG exploit kit is now infecting victims’ computers with a new ransomware variant called Buran. This ransomware is a variant of the Vega ransomware that was previously being distributed through Russian malvertising campaigns.

While there are some minor changes in the new Buran variant, the encryption process for the most part appears to be the same as the one distributed in Russia.

Source: Bleeping Computer

How do you protect yourself?

Proper security measures must be in place to defend against Buran ransomware and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.