Page 14 - Threat Intelligence 11-27-2019
Web / Internet Threats
Shade Ransomware Is the Most Actively Distributed Malware via Email
During the first half of 2019, the Shade Ransomware (also known as Troldesh) was the most actively distributed malware in malicious email phishing campaigns, according to Singapore-based security firm Group-IB. Out of all malspam emails detected and examined by Group-IB's Computer Emergency Response Team (CERT-GIB), Shade Ransomware was the main malware strain used by attackers to infect their targets' computers in H1 2019. "Currently, three of the most widespread tools used in attacks tracked by Group-IB's Computer Emergency Response Team have been Troldesh (53%), RTM (17%) and Pony Formgrabber (6%)," the researchers claim.
Source: https://www.bleepingcomputer.com/news/security/shade-ransomware-is-the-most-actively-distributed-malware-via-email/
Google Confirms Android Camera Security Threat: 'Hundreds Of Millions' Of Users Affected
The security research team at Checkmarx has made something of a habit of uncovering alarming vulnerabilities, with past disclosures covering Amazon's Alexa and Tinder. However, its discovery of vulnerabilities affecting Google and Samsung smartphones, with the potential to impact hundreds of millions of Android users, is the biggest to date. What did the researchers discover? A way for an attacker to take control of smartphone camera apps and remotely take photos, record video, record conversations as the user lifts the phone to their ear, identify the user's location, and more, all performed silently, in the background, with the user none the wiser. The vulnerabilities themselves (CVE-2019-2234) allowed a rogue application to grab input from the camera and microphone as well as GPS location data, all remotely.
Source: https://www.forbes.com/sites/daveywinder/2019/11/19/google-confirms-android-camera-security-threat-hundreds-of-millions-of-users-affected/#4551ccdb4f4e
Linux, Windows Users Targeted With New ACBackdoor Malware
Researchers have discovered a new multi-platform backdoor that infects Windows and Linux systems and allows attackers to run malicious code and binaries on compromised machines. Intezer security researcher Ignacio Sanmillan found that the malware, dubbed ACBackdoor, was developed by a threat group with experience building malicious tools for the Linux platform, judging by the higher complexity of the Linux variant. "ACBackdoor provides arbitrary execution of shell commands, arbitrary binary execution, persistence, and update capabilities," the Intezer researcher found. Both variants share the same command and control (C2) server, but the infection vectors they use differ: the Windows version is being pushed through malvertising with the help of the Fallout Exploit Kit, while the Linux payload is dropped via an as yet unknown delivery system.
Source: https://www.bleepingcomputer.com/news/security/linux-windows-users-targeted-with-new-acbackdoor-malware/
www.accumepartners.com