Weekly Comments

31 December - 8 January 2019

Hackers had a blast in 2018. How about cybersecurity providers and other companies?
The first week of 2019 brought news about the active spreading in Asia of the newest version of the NRSMiner cryptominer, which has been using the EternalBlue exploit to propagate within a local network. Most of the infected systems are in Vietnam. NRSMiner can download a cryptocurrency miner, download updated modules, and delete files and services installed by previous versions of NRSMiner. Once EternalBlue is exploited, attackers will also install the DoublePulsar backdoor. We advise organisations to install patches for EternalBlue (MS17-010) and disable SMBv1 as soon as possible.

In addition, Adobe has released an out-of-band security update for two critical vulnerabilities in Adobe Acrobat and Adobe Reader that could lead to privilege elevation and arbitrary code execution. CVE-2018-16018 allows a remote attacker to bypass security restrictions and gain elevated privileges by persuading a victim to open a specially crafted document. CVE-2018-16011 allows a remote attacker to execute arbitrary code on a targeted system due to a use-after-free error, by persuading a victim to open a specially crafted document. Though attackers have not been seen exploiting these two critical vulnerabilities in the wild, we advise organisations to install the latest patches to protect themselves from potential attacks. 

References:
[1] NRSMiner updates to newer version 
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Solutioning

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence