Emotet Trojan

Emotet, a banking Trojan turned devastating modular threat, has returned with upgraded functions in a new wave of attacks.

Emotet has now begun sharing a number of obfuscation techniques already used by Trickbot. A new export function, used by both malware variants, has also been found in executable binary functions; it resolves API names through an export list of loaded DLLs. This API call resolution is present in both the Emotet and Trickbot packers.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against the Emotet Trojan and similar threats. Up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-2204

Android has released its monthly security patches for several core Android components.

The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.

Source: Android

How do you protect yourself?

Update Android to the latest version.

MegaCortex Ransomware

A new version of the MegaCortex ransomware has been discovered that not only encrypts your files, but now also changes the logged-in user's password and threatens to publish the victim's files if the ransom is not paid.

For those not familiar with MegaCortex, it is a targeted ransomware installed through network access provided by Trojans such as Emotet. Once the MegaCortex actors gain access, they push the ransomware out to machines on the network via an Active Directory controller or post-exploitation kits.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against MegaCortex ransomware and similar threats. Up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.