Plurox Malware

A new strain of malware has been spotted in the wild by the Kaspersky security team. Named Plurox, this new malware is a cut above the usual malware strains security researchers encounter on a daily basis.

According to Kaspersky, Plurox, despite being in early testing, has some pretty advanced features and can act as a backdoor into infected enterprise networks, can spread laterally to compromise even more systems, and can mine cryptocurrencies using one of eight different plugins.

In other words, the malware can work as a backdoor trojan, a self-spreading virus, and a crypto-miner, all at the same time.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Plurox malware and similar threats. Ensure your systems have the latest patches installed. Proper, up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-11708

Mozilla has announced security updates for Firefox and Firefox ESR.

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities, this could result in executing arbitrary code on the user’s computer.

Source: Mozilla

How do you protect yourself?

Security vulnerabilities are fixed in Firefox 67.0.4 and Firefox ESR 60.7.2. Ensure your browser is up to date.

Ryuk Ransomware

A new variant of the Ryuk ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted.

With this new variant, the ransomware will check the output of arp -a for particular IP address strings, and if they are found, will not encrypt the computer.

Source: Bleeping Computer

How do you protect yourself?

Proper security measures must be in place to defend against Ryuk ransomware and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper, up-to-date endpoint security provide a cross-generational blend of threat defense techniques to protect systems from malware.
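
Hunting logic for the arp -a check described above, added here as an example and not taken from the Bleeping Computer report: it flags process-creation events where arp.exe is run with -a by anything other than a shell sitting at an interactive prompt. The field names follow Sysmon Event ID 1; the events, host names, paths and the interactive-shell rule are constructed assumptions.

```python
# Added example: hunt for non-interactive `arp -a` in process-creation telemetry.
INTERACTIVE_SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}  # assumption: tune per site

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def args_of(command_line):
    """Lower-cased arguments that follow the executable (quoted or bare)."""
    cl = command_line.strip()
    if cl.startswith('"'):
        end = cl.find('"', 1)
        rest = cl[end + 1:] if end != -1 else ""
    else:
        rest = cl.partition(" ")[2]
    return rest.lower().split()

def parent_is_interactive(ev):
    """Assumption: a shell started with no arguments is a person at a prompt."""
    return (basename(ev["ParentImage"]) in INTERACTIVE_SHELLS
            and not args_of(ev["ParentCommandLine"]))

def suspicious_arp_lookups(events):
    """Events where arp.exe listed the ARP cache (-a or /a) for a non-interactive parent."""
    return [ev for ev in events
            if basename(ev["Image"]) == "arp.exe"
            and {"-a", "/a"} & set(args_of(ev["CommandLine"]))
            and not parent_is_interactive(ev)]

# Constructed sample events (hypothetical hosts and paths).
ARP = r"C:\Windows\System32\ARP.EXE"
CMD = r"C:\Windows\System32\cmd.exe"
UNKNOWN = r"C:\Users\Public\placeholder.exe"
SAMPLE_EVENTS = [
    {"Id": 1, "Computer": "WS-01", "Image": ARP, "CommandLine": "arp -a",
     "ParentImage": CMD, "ParentCommandLine": f'"{CMD}"'},          # admin at a prompt
    {"Id": 2, "Computer": "WS-02", "Image": ARP, "CommandLine": f'"{ARP}" -a',
     "ParentImage": UNKNOWN, "ParentCommandLine": UNKNOWN},         # unknown binary
    {"Id": 3, "Computer": "WS-03", "Image": ARP, "CommandLine": "arp -a",
     "ParentImage": CMD, "ParentCommandLine": "cmd.exe /c arp -a"},  # scripted shell
    {"Id": 4, "Computer": "WS-04", "Image": ARP, "CommandLine": "arp -d *",
     "ParentImage": UNKNOWN, "ParentCommandLine": UNKNOWN},         # not a cache listing
]

if __name__ == "__main__":
    for ev in suspicious_arp_lookups(SAMPLE_EVENTS):
        print(ev["Computer"], ev["ParentImage"], "->", ev["CommandLine"])
```

Administrators and inventory scripts also run arp -a, so treat a hit as a lead to correlate with other activity on the host.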