Hello, welcome to the Thursday, July 7th, 2016 edition of the Sandcented Storm Center's Stormcast.

My name is Johannes Ulrich, and the day I'm recording from Jacksonville, Florida.

We got an update on Crypt-Triplex today from Pratt.

He wrote up the latest version that he has seen in the wild and that he hasn't really seen described yet.

So with his diary as usual you get plenty of indicators of compromise that you can use in order to look for infections on your systems.

He calls it a new version of cryptraplex because the ransom note looks differently

than it has before. Also, some of the details of the behavior changed, which is why it's

important to look for these new indicators of compromise. Now, he saw it being installed by the

Neutrino Exploid Kit, which in turn the user was exposed to via the pseudo dark leech exploits that are used to infect websites that then are used to host this exploit kit and in turn crypt triplex.

And apparently we'll have to wait a while to get patches from Symantec for the latest

bugs that were discovered by Travis Ormandy of Google.

According to his Twitter feed, there's more testing underway and well, I understood it that

he actually even found more vulnerabilities there that may get addressed hopefully soon by

Symantec. So keep watching out for additional updates from Symantec for their antivirus engines.

And Checkpoint has another update on what they're calling the Hummingbat malware

that is commonly found on Android phones.

They, I believe, first talked about this back in February,

and essentially in this latest update they

provide more insight into the business behind this particular piece of malware or

adware turns out that it's actually sort of being installed as part of an

advertisement kit that the applications that run on Android often include in order to monetize

their software. But this particular software goes then well beyond just displaying ads. It will

...