The second half of February 2019 continued to highlight server vulnerabilities with a Linux ransomware named B0r0nt0K making headlines. There’s a useful privacy resource about the pros and cons – along with how-tos – for deleting oneself from social media amid the slew of related privacy concerns that surface regularly, if not daily.

For more articles, check out our #onpatrol4malware blog.

Linux ransomware

A Peek into BRONZE UNION’s Toolbox

Source: Secureworks

In 2018, CTU researchers identified evidence of BRONZE UNION leveraging tools that have been publicly available for years. However, the variants used in 2018 included updated code. Read more.

Linux ransomware

Magecart Group 4: Never Gone, Always Advancing

Source: RiskIQ

After our researchers surface more Magecart instances in RiskIQ’s automated detection, attribution is usually the final step in our analysis. Read more.

Linux ransomware

New detection method indentifies cryptomining and other fileless malware attacks

Source: TechRepublic

A joint press release touts the new memory-based attack detection method as “a 10x improvement in scanning time with no increase in CPU usage,” as well as a significant increase to detection rates. Read more.

Linux ransomware

New browser attack lets hackers run bad code even after users leave a web page

Source: ZDNet

Academics from Greece have devised a new browser-based attack that can allow hackers to run malicious code inside users’ browsers even after users have closed or navigated away from the web page on which they got infected. Read more.

Linux ransomware

Monero Miner-Malware Uses RADMIN, MIMiKATZ to Infect, Propogate via Vulnerability

Source: Trend Micro

Between the last week of January to February, we noticed an increase in hack tool installation attempts that dropped seemingly random files into the Windows directory. Read more.

Linux ransomware

Understanding the Darknet and Its Impact on Cybersecurity

Source: Radware

The darknet is a very real concern for today’s businesses. In recent years, it has redefined the art of hacking and, in the process, dramatically expanded the threat landscape that organizations now face. Read more.

Linux ransomware

The Muncy Malware is on the Rise

Source: Security Affairs

Muncy is the name dubbed by SI-LAB that analyzed this threat. Now, the malware is targeting user’s worldwide and has been spread via phishing campaigns. Read more.

Linux malware

Should You Delete Yourself from Social Media?

Source: Malwarebytes

You’re feeling like you’ve had enough. All the recent news—from Facebook’s Cambridge Analytica snafu to various abuses of Twitter vulnerabilities—has you wondering: Should I delete myself from social media? Read more.

Linux ransomware

B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers

Source: Bleeping Computer

A new Linux ransomware called B0r0nt0K is encrypting victim’s web sites and demanding a 20 bitcoin, or approximately $75,000, ransom. Read more.

Linux ransomware

Identifying Cobalt Strike team servers in the wild

Source: Fox IT

Cobalt Strike is a framework designed for adversary simulation. It is commonly used by penetration testers and red teamers to test an organization’s resilience against targeted attacks, but has been adopted by an ever increasing number of malicious threat actors. Read more.