Mirai malware

 

 

Security researchers have spotted a new variant of the Mirai IoT malware in the wild targeting two new classes of devices –smart signage TVs and wireless presentation systems.

The botnet’s author(s) appears to have invested quite a lot of their time in upgrading older versions of the Mirai malware with new exploits.

Palo Alto Networks researchers say this new Mirai botnet uses 27 exploits, 11 of which are new to Mirai altogether, to break into smart IoT devices and networking equipment.

Furthermore, the botnet operator has also expanded Mirai’s built-in list of default credentials, that the malware is using to break into devices that use default passwords. Four new username and password combos have been added to Mirai’s considerable list of default creds, researchers said in a report.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Mirai malware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.

 

CVE-2019-9790

 

 

A use-after-free vulnerability in Firefox can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash.

Source: Mozilla

How do you protect yourself?

Update Firefox to Firefox 66.

 

JNEC.a Ransomware

 

 

A new ransomware called JNEC.a spreads through an exploit for the recently reported code execution ACE vulnerability in WinRAR. After encrypting a computer, it will generate a Gmail address that victims need to create in order to receive the file decryption key once they pay the ransom.

Once executed, the ransomware encrypts data on the computer and appends the .Jnec extension to the file’s original one. The price for the decryption key is 0.05 bitcoins (about $200).

The interesting part is that the malware author chose an unusual method to deliver the file decryption keys. The ID number unique for each affected computer represents a Gmail address for the delivery of the key.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against JNEC.a Ransomware and similar threats. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.