MSPs and CSPs have been targeted by attackers in an attempt to access their systems and install ransomware. In other news, Android applications are taking more permissions than they are granted.

For more articles, check out our #onpatrol4malware blog.

MSPs Beware: Attackers Targeting MSP Infrastructure to Install Ransomware

Source: Secplicity

Sophisticated threat actors have targeted managed service providers (MSPs) […] intending to install ransomware within their infrastructure and customer base. Read more.

New Miori Variant Uses Unique Protocol to Communicate with C&C

Source: Trend Micro

We first detailed a new Mirai variant called Miori in a report late last year after finding the malware spreading via a ThinkPHP Remote Code Execution (RCE) vulnerability. Read more.

An Analysis of Godlua Backdoor

Source: Netlab

The file itself is a Lua-based Backdoor, we named it Godlua Backdoor as the Lua byte-code file loaded by this sample has a magic number of “God”. Read more.

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

Source: The Hacker News

A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) and holding users’ important data hostage until a ransom is paid. Read more.

Rogue Android apps ignore your permissions

Source: Sophos

New research has revealed that apps are snooping on data including location and the phone’s unique ID number – even when users haven’t given permission. Read more.

GreenFlash Sundown exploit kit expands

Source: Malwarebytes

Exploit kit activity has been relatively quiet for some time, with the occasional malvertising campaign reminding us that drive-by downloads are still a threat. Read more.

Houdini Worm Transformed in New Phishing Attack

Source: Cofense

The Cofense Phishing Defense Center™ (PDC)[…] identified a new variant of Houdini Worm targeting commercial banking customers with campaigns containing either URLs, .zip, or .mht files. Read more.