Based in Silicon Valley, California, Security Brief is a blog by Chris Louie. His posts discuss current information security affairs.

CCleaner malware attack worse than initially reported.


The 32-bit installer for CCleaner v5.33 was maliciously modified to install a backdoor that reached out to a remote command-and-control (C2) server. The backdoor was able to receive commands and download additional malware payloads. The infected version of CCleaner was downloaded over 2 million times.


According to Talos, the malware performed a reverse DNS check to resolve the domain of the infected machine. If the domain matched one of 20 pre-defined domains, a secondary payload was downloaded to the infected machine.

This represents a sophisticated and targeted attack against these organizations, presumably to steal intellectual property.
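For responders, the domain-gated second stage described above gives a way to prioritize hosts. The following is an added example, not code from Talos or from this blog: it triages a software inventory export into hosts that ran the affected build and hosts that additionally sit in a targeted domain. The inventory columns, hostnames, and the two domains are constructed placeholders, since the page does not list the 20 domains.

```python
import csv
import io

# Constructed placeholders: the page says there were 20 pre-defined domains
# but does not list them. Replace with the published list when triaging.
TARGETED_DOMAINS = {"targeted-a.example", "targeted-b.example"}

AFFECTED_PRODUCT = "ccleaner"
AFFECTED_VERSION = "5.33"  # from the page: v5.33
AFFECTED_ARCH = "x86"      # from the page: 32-bit installer

# Constructed sample inventory export (hypothetical column names and hosts).
SAMPLE_INVENTORY = """host,fqdn,product,version,arch
ws-014,ws-014.corp.targeted-a.example,CCleaner,5.33,x86
ws-022,ws-022.office.example.net,CCleaner,5.33,x86
ws-031,ws-031.corp.targeted-a.example,CCleaner,5.33,x64
ws-047,ws-047.nottargeted-a.example,CCleaner,5.33,x86
ws-050,ws-050.corp.targeted-b.example,CCleaner,5.40,x86
"""

def in_targeted_domain(fqdn, targeted=TARGETED_DOMAINS):
    """Match on DNS label boundaries so 'nottargeted-a.example' is not a hit."""
    name = fqdn.strip().rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in targeted)

def is_affected_build(product, version, arch):
    """True for the 32-bit 5.33 build; compares major.minor only."""
    return (product.strip().lower() == AFFECTED_PRODUCT
            and version.strip().split(".")[:2] == AFFECTED_VERSION.split(".")
            and arch.strip().lower() == AFFECTED_ARCH)

def triage(inventory_csv):
    """Return {host: 'stage2-risk' | 'stage1' | 'not-affected'}."""
    result = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if not is_affected_build(row["product"], row["version"], row["arch"]):
            result[row["host"]] = "not-affected"
        elif in_targeted_domain(row["fqdn"]):
            result[row["host"]] = "stage2-risk"  # backdoor plus targeted domain
        else:
            result[row["host"]] = "stage1"       # backdoor installed
    return result

if __name__ == "__main__":
    for host, priority in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {priority}")
```

Hosts marked `stage1` still ran the backdoored installer; the domain match only decides which machines get investigated first for a secondary payload.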

http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html
