Reductor Malware

Cyber-espionage actors have developed a malware that can mark victims’ TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later.

Dubbed Reductor, the malware appears to share similar code to the COMpfun trojan, which was first documented in 2014 and is closely associated with suspected Russian APT group Turla, aka Venomous Bear and Uroburos.

Reductor spreads when a targeted computer downloads a software distribution from third-party sources, or via a decryptor/dropper program on machines that are already infected with COMpfun.

Source: SC Magazine

How do you protect yourself?

Proper security measures must be in place to defend against Reductor Malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE 2019-2173

Android has released its monthly security bulletin containing details of security vulnerabilities affecting Android devices.

The most severe vulnerability in this section could enable a local malicious application to bypass user interaction requirements in order to gain access to additional permissions.

Source: Android

How do you protect yourself?

Update Android to the latest version.

RobbinHood Ransomware

The operators behind the RobbinHood ransomware have changed their language in the ransom note, at least in one variant of the malware, to take from victims all hope of decrypting the files for free and to make them pay for the recovery.

Boastful and arrogant in their message, the cybercriminals point to past incidents involving their ransomware, which ended with victims paying much more than the ransom demand.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against RobbinHood Ransomware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.