New malware family Xbash combines multiple threats targeting vulnerable Linux and Microsoft servers. Combining multiple payload capabilities, enterprises are recommended to patch and monitor patching and recovery procedures to mitigate this threat.
A review of the first half of 2018 shows a threat landscape that not only has constant and familiar features but also has morphing and uncharted facets: Ever-present threats steadily grew while emerging ones used stealth.
We discovered spam mails abusing EGG (.egg) files to deliver the GandCrab v4.3 ransomware. Additionally, the operators behind the spam mails appear to be specifically going after South Korean users, as evidenced by the use of Hangul in the spam mails.
Security researchers uncovered that a version of Jigsaw, an old ransomware, has resurfaced as a bitcoin stealer. Its operators have already netted 8.4 bitcoins (US$66,807 as of July 24, 2018) using the repurposed malware.
SAMSAM ransomware is suspected to hit systems used by the city of Atlanta's local services, causing outages on customer facing applications, including some that customers may use to pay bills or access court-related information.