Glupteba Malware

A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes.

The new version has switched to malvertising as the means of distribution and it comes with two more modules besides the newly added Bitcoin blockchain C2 updater, namely an info stealer and an exploit that targets local MikroTik routers.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Glupteba Malware and similar threats. Ensure your systems have the latest patches installed. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-2176

Android has released its monthly security bulletin. The most severe of these issues is a critical security vulnerability in the Media framework component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. 

Source: Android

How do you protect yourself?

Check Android for the latest security patches and update accordingly.

Nemty Ransomware

The operators of Nemty ransomware appear to have struck a distribution deal to target systems with outdated technology that can still be infected by exploit kits.

Exploit kits are not as commonly used since they typically thrive on vulnerabilities in Internet Explorer and Flash Player, two products that used to dominate the web a few years ago but are now with one foot out in the grave.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Nemty Ransomware and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.