
Malware\Ransomware News Roundup July 9th, 2019

In case you missed it, here are some news items on malware and ransomware from the last few days:

Sodinokibi ransomware is now using a former Windows zero-day: https://www.zdnet.com/article/sodinokibi-ransomware-is-now-using-a-former-windows-zero-day/
Who’s Behind the GandCrab Ransomware?: https://krebsonsecurity.com/2019/07/whos-behind-the-gandcrab-ransomware/
Ransomware Recovery Firms Who Secretly Pay Hackers: https://www.schneier.com/blog/archives/2019/07/ransomware_reco.html
Don’t forget about WannaCry: Hospitals are still at risk of cyberattack: https://www.zdnet.com/article/dont-forget-about-wannacry-hospitals-are-still-at-risk-of-cyber-attack/
A “Stream O” Maldoc: https://isc.sans.edu/diary/A+%22Stream+O%22+Maldoc/25096
Fake eFax emails are now spreading Dridex Trojan, RMS RAT: https://www.zdnet.com/article/fake-efax-emails-are-now-spreading-dridex-trojan-rms-rat/
Microsoft warns about Astaroth malware campaign: https://www.zdnet.com/article/microsoft-warns-about-astaroth-malware-campaign/
Malicious XSL Files: https://isc.sans.edu/diary/Malicious+XSL+Files/25098
Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149): https://msrc-blog.microsoft.com/2019/06/14/prevent-the-impact-of-a-linux-worm-by-updating-exim-cve-2019-10149/
The sinkhole that saved the internet: https://techcrunch.com/2019/07/08/the-wannacry-sinkhole/
Steer clear of Bitcoin Cash generators: https://blog.malwarebytes.com/crypto/2019/07/steer-clear-of-bitcoin-cash-generators/
New Golang malware plays the Linux field in quest for cryptocurrency: https://www.zdnet.com/article/new-golang-malware-plays-the-field-in-quest-for-cryptocurrency/
Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi: https://blog.trendmicro.com/trendlabs-security-intelligence/latest-spam-campaigns-from-ta505-now-using-new-malware-tools-gelup-and-flowerpippi/
Meet Godlua, the first known malware that leverages DNS over HTTPS: https://www.techspot.com/news/80791-meet-godlua-first-known-malware-leverages-dns-over.html
The comments and opinions on this blog are my own, and not those of my past, current, or future employer or any of its subsidiaries.

Mileage may vary, and batteries not included...