Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2024/01/10 3:15 p.m.60 views

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining

A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. "The capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/15 10:11 a.m.77 views

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023. "The novel Dero cryptojacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening ...

1AI score
Exploits0
HackRead
HackRead
added 2022/11/25 2:18 p.m.16 views

Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner

By Habiba Rashid So far, researchers have identified approximately 50 phishing websites, all targeting MSI Afterburner to deliver malware. This is a post from HackRead.com Read the original post: Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner...

3.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/05/19 4:0 p.m.31 views

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices

In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as well as its usage of XOR-based...

7.8AI score
Exploits0
ThreatPost
ThreatPost
added 2021/04/13 8:24 p.m.42 views

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

Surging numbers of COVID-themed attacks, PowerShell trojans, along with the SolarWinds compromise and the continued spread of Sunburst malware were major contributors to a massive spike in the number of observed attacks in the wild during the last half of 2020, which McAfee’s said averaged 588...

0.9AI score
Exploits0References15
The Hacker News
The Hacker News
added 2020/11/24 2:56 p.m.35 views

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonl...

0.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2019/11/07 9:5 p.m.3971 views

Microsoft works with researchers to detect and protect against new RDP exploits

On November 2, 2019, security researcher Kevin Beaumont reported that his BlueKeep honeypot experienced crashes and was likely being exploited. Microsoft security researchers collaborated with Beaumont as well as another researcher, Marcus Hutchins, to investigate and analyze the crashes and...

10CVSS0.2AI score0.99999EPSS
Exploits123
Malwarebytes
Malwarebytes
added 2019/06/26 6:30 p.m.114 views

GreenFlash Sundown exploit kit expands via large malvertising campaign

Exploit kit activity has been relatively quiet for some time, with the occasional malvertising campaign reminding us that drive-by downloads are still a threat. However, during the past few days we noticed a spike in our telemetry for what appeared to be a new exploit kit. Upon closer inspection ...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/06/14 2:4 p.m.116 views

Millions of Linux Servers Under Worm Attack Via Exim Flaw

A widespread campaign is exploiting a vulnerability in the Exim mail transport agent MTA to gain remote command-execution on victims’ Linux systems. Researchers say that currently more than 3.5 million servers are at risk from the attacks, which are using a wormable exploit. Specifically under...

7.5CVSS9.7AI score0.99961EPSS
Exploits27References11
ThreatPost
ThreatPost
added 2019/01/17 2:3 p.m.15 views

Cryptomining Malware Uninstalls Cloud Security Products

Researchers say they have discovered a unique malware family capable of gaining admin rights on targeted systems by uninstalling cloud-security products. Instances of the malicious activity are tied to coin-mining malware targeting Linux servers. Palo Alto Networks’ Unit 42, which published the...

7.5AI score
Exploits0References5
Microsoft Secure
Microsoft Secure
added 2018/06/07 1:0 p.m.25 views

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/08 4:0 p.m.35 views

Kuik: a simple yet annoying piece of adware

Some pieces of malware can be so simple—and yet such a pain to get rid of—especially when they start interfering with your system's configuration. This much is true for the Kuik adware program, which surprised us all by forcing affected machines to join a domain controller. The perpetrators are...

0.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/04/04 3:0 p.m.146 views

Hunting down Dofoil with Windows Defender ATP

Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018. In previous blog posts we detailed how behavior monitoring and machine learning in Windows Defender AV protected customers from a massive Dofoil outbreak that we...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/30 8:1 p.m.57 views

A week in security (October 23 – October 29)

Welcome back to "A week in security." Last week, we took a look at how deleted files can be recovered, explored the BadRabbit ransomware plague attacking Eastern Europe including a deep dive into the code, and talked about what it takes to work in security. One of our researchers, who is a PhD...

6.9AI score
Exploits0
Rows per page
Query Builder