Even with low usage rates, new exploit kits have been found targeting Internet Explorer, says Malwarebytes in their fall report. Secure List’s article about Q3 spam and phishing highlight Amazon impersonations with special offers. Read these articles and more in the last two weeks of industry news handpicked by the Malware Patrol Team.

For more articles, check out our #onpatrol4malware blog.

malicious Microsoft Office documents

Improve Your Detection Capabilities With Cyber Simulation Datasets

Source: Security Intelligence

Your security incident detection capabilities are at the heart of your organization’s incident response plan. After all, if you are unable to recognize incidents, it is not possible to start an incident response plan. Read more.

exploit kits

The cybercrime ecosystem: attacking blogs

Source: SecureList

The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. Read more.

IOT

Mac Backdoor Linked to Lazarus Targets Korean Users

Source: TrendMicro

Criminal interest in MacOS continues to grow, with malware authors churning out more threats that target users of the popular OS. Read more.

exploit kits

Exploit kits: fall 2019 review

Source: MalwareBytes LAB

Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge. Read more.

exploit kits

Ransomware Attackers Leak Stolen Data

Source: Gov Info Security

Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim’s files to create pressure to pay a ransom. Read more.

malicious Microsoft Office documents

ACBackdoor: Analysis of a New Multiplatform Backdoor

Source: Intezer

We have discovered an undetected Linux backdoor which does not have any known connections to other threat groups. Windows was found with variants of the same malware. Read more.

malicious Microsoft Office documents

Spam and phishing in Q3 2019

Source: Secure List

In Q3, we registered numerous scam mailings related to Amazon Prime. Most of the phishing emails with a link to a fake Amazon login page offered new prices or rewards for buying things, or reported problems with membership, etc. Read more.

exploit kits

Dexphot Malware Hijacked 80K+ Devices to Mine Cryptocurrency

Source: Threat Post

Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Read more.

malicious Microsoft Office documents

A Glimpse Into Tencent’s Legu Packer

Source: Quarkslab

This blog post deals with the Legu packer, an Android protector developed by Tencent that is currently one of the state-of-the-art solutions to protect APK DEX files. Read more.

malicious Microsoft Office documents

The Role of Evil Downloaders in the Android Mobile Malware Kill Chain

Source: Security Intelligence

The spread of malware from user PCs to handheld devices such as smartphones has been a gradual process that started gaining momentum about a decade ago. Read more.

exploit kits

Meet PyXie: A Nefarious New Python RAT

Source: Threat Vector

BlackBerry Cylance researchers have recently discovered a previously unnamed Python RAT we’re calling PyXie. PyXie has been observed in the wild since at least 2018 without much attention from the cybersecurity industry. Read more.

malicious Microsoft Office documents

Dridex Malware

Source: Cyber Infrastructure

This Alert is the result of recent collaboration between the Department of the Treasury Financial Sector CIG and the Department of the Treasury’s FinCEN to identify and share information with the financial services sector. Read more.