Ares Botnet

A new IoT botnet named Ares is infecting Android-based devices that have left a debug port exposed on the Internet.

The attacks aren’t using a vulnerability in the Android operating systems, but are exploiting a configuration service that has been left enabled and unprotected on some set-top boxes installations.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Ares botnet and similar threats. Ensure your systems have the latest patches installed. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-5869

A vulnerability has been discovered in Google Chrome which could result in arbitrary code execution. This vulnerability is a use-after-free vulnerability in Blink that can be exploited if a user visits, or is redirected to, a specially crafted web page.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser, obtain sensitive information, bypass security restrictions and perform unauthorized actions, or cause denial-of-service conditions.

Source: Center for Internet Security

How do you protect yourself?

Update Google Chrome to version 76.0.3809.132.

Trickbot Trojan

A new Trickbot Trojan variant was spotted while focusing on stealing PIN codes from Verizon Wireless, T-Mobile, and Sprint users, marking a new step in this malware’s development.

TrickBot (also known as Trickster, TheTrick, and TrickLoader) is a banking Trojan that has been continuously upgraded throughout the years with new modules and capabilities since October 2016 when it was initially observed in the wild.

While in the beginning it only came with banking Trojan capabilities designed to collect and deliver as much sensitive data as possible to its masters, it is now also become a popular malware dropper capable of infecting compromised machines with other malware families.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Trickbot Trojan and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.