September 23, SecurityWeek – (International) Locky ransomware fuels surge in .RAR JavaScript attachments. Trend Micro security researchers reported the Locky ransomware was responsible for an increase in certain methods of malware delivery after finding that during the first half of 2016, 58 percent of ransomware threats were delivered via email attachments including JavaScript, VBScript, and Microsoft Office files with macros. The researchers also reported that the malicious emails used to deliver the ransomware contained similar subject lines involving invoices, banking transactions, and parcel delivery, among other subjects, and stated the emails used social engineering to determine which victims to target. Source
September 23, SecurityWeek – (International) Xiny Android trojans can infect system processes. Doctor Web security researchers discovered the Android.Xiny trojans, which are distributed through popular Websites and official app stores, received updates which enable the trojans to inject themselves into system applications, thereby allowing the trojans to launch malicious plug-ins. Doctor Web researchers also found the malware was updated to include an immutable Android application package (APK) file to ensure the trojan cannot be deleted. Source
Above Reprinted from the USDHS Daily Open Source Infrastructure Report