Yesterday was Patch Tuesday. The final Patch Tuesday of 2017. Yay! Of note: an out-of-band update from MS that was issued a critical flaw in the Malware Protection Engine (yes, part of the Windows Defender and MS Security Essentials. The irony). Read the details in full via Brian Kreb’s site here. It will roll through automatically via Windows Update, which you SHOULD have enabled. However, those don’t always go through smoothly. I have had some issues with this latest update. Here is the report from when the news came out last week. Critical Flaw in Microsoft’s Malware Protection Engine. Patch Issued.
For those who are still using Flash (because you have no choice) please install the updates and check for updates in your Chrome browser.
Necurs Botnet resumes: November marked a notable uptick in activity with this botnet. Necurs is now distributing Scarab ransomware, and was known for sharing the joy with Locky ransomware and others. Dormant does not mean dead. We need to remember this because it is an ongoing theme, and noticeably during 2017. Case in point will be with the recent takedown of the Andromeda botnet and the expectation that because of code released from the Mirai botnet, something bigger will be forming.
Mirai Botnet Arrests: But there is justice and it does get served. You can read more via Brian Krebs, who has played a major role in bringing this about.
New Variant of Cryptomix Ransomware: An update on one of the newer strains that are currently active. Remember the rules: Have current backups; don’t open attachments from unknown sources; get confirmation before you open attachments from known sources; scan attachments first. Update your security patches.