Lucene search
K

24 matches found

The Hacker News
The Hacker News
added 2022/08/29 10:15 a.m.48 views

Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software

A Turkish-speaking entity called Nitrokod has been attributed to an active cryptocurrency mining campaign that involves impersonating a desktop application for Google Translate to infect over 111,000 victims in 11 countries since 2019. "The malicious tools can be used by anyone," Maya Horowitz,...

1.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/28 6:59 a.m.317 views

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data...

10CVSS1.9AI score0.99999EPSS
Exploits521
Microsoft Secure
Microsoft Secure
added 2021/12/12 5:29 a.m.313 views

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

January 10, 2022 recap – The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe. This open-source component is widely used across many suppliers’ software and services. By nature of Log4j being a component, the vulnerabilities affect not only...

10CVSS9.8AI score0.99999EPSS
Exploits416
ThreatPost
ThreatPost
added 2020/12/11 7:41 p.m.87 views

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

An innovative Linux-based cryptocurrency mining botnet has been uncovered, which exploits a disputed PostgreSQL remote code-execution RCE vulnerability to compromise database servers. The malware is unusual and completely novel in a host of ways, researchers said. According to researchers at Palo...

9CVSS7.5AI score0.91877EPSS
Exploits17References5
The Hacker News
The Hacker News
added 2020/12/01 8:54 a.m.5 views

Nation-State Hackers Caught Hiding Espionage Activities Behind Crypto Miners

A nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research. Attributing the shift to a threat actor tracked as Bismuth, Microsoft's Microsoft 365 Defender...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/11/30 10:30 p.m.73 views

Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them

Cryptocurrency miners are typically associated with cybercriminal operations, not sophisticated nation state actor activity. They are not the most sophisticated type of threats, which also means that they are not among the most critical security issues that defenders address with urgency. Recent...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/07 9:51 a.m.45 views

ALERT! Hackers targeting IoT devices with a new P2P botnet malware

Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet — written in Go language a...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/09/03 7:2 p.m.76 views

A week in security (August 26 – September 1)

Last week on Malwarebytes Labs, we analysed the Android xHelper trojan, we wondered why the Nextdoor app would send out letters on behalf of their customers, reported about a study that explores the clickjacking problem across top Alexa-ranked websites, wondered how to get the board to invest in...

0.7AI score
Exploits0
myhack58
myhack58
added 2019/06/26 12:0 a.m.485 views

Ann Day honey network capture“use of the ElasticSearch Groovy vulnerability Monroe coin(Dog)mining”event analysis-vulnerability warning-the black bar safety net

1, Overview 2019 6 May 13, Ann Day honey network capture to use CVE-2015-1427ElasticSearch Groovyremote command execution vulnerability attacks. The vulnerability principle is Elaticsearch groovy as a scripting language, and based on the use of black and white lists of the sandbox mechanism to...

7.5CVSS9.8AI score0.99906EPSS
Exploits19
ThreatPost
ThreatPost
added 2019/04/23 5:30 p.m.69 views

Exploits for Social Warfare WordPress Plugin Reach Critical Mass

UPDATE Active exploits for a recently disclosed bug in a popular WordPress plugin, Social Warfare, are snowballing in the wild – potentially putting more than 40,000 websites at risk. The vulnerability, CVE-2019-9978, tracks both a stored cross-site scripting XSS vulnerability and a remote...

4.3CVSS0.6AI score0.73543EPSS
Exploits18References11
Carbon Black Blog
Carbon Black Blog
added 2019/03/26 5:0 p.m.88 views

Real World Examples Demonstrating the Need for Mature Threat Hunting

A recent article discussed the keys to becoming a level 4 maturity threat hunting program. This article will bring these concepts into the real world by discussing examples of attacks that required that high level of threat hunting maturity to find them and defend against them. The case studies...

7.5AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/02/07 1:0 p.m.93 views

Trend Micro Security’s 2019 Release Protects You Better Than Ever Against Ransomware, Coin-mining, Banking, and E-Commerce Threats

2019 has barely gotten started, but by Q4 of 2018 Trend Micro had already seen a 956% increase in coin-mining malware detections for the year-to-date—right alongside the persistent threat of ransomware and online banking and e-commerce hacks designed to steal your identity or your money. Folks ca...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2019/02/01 10:32 a.m.2 views

New Mac Malware Targets Cookies to Steal From Cryptocurrency Wallets

Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts. Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2018/09/19 3:32 p.m.6 views

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new...

9.8CVSS7.3AI score0.98518EPSS
Exploits19
The Hacker News
The Hacker News
added 2018/09/19 3:32 p.m.249 views

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new...

9.8CVSS0.3AI score0.98518EPSS
Exploits19
Akamai Blog
Akamai Blog
added 2018/08/22 4:55 p.m.63 views

How's that Security Back Door Doing? (Part 2)

In the first part of this blog post I wrote about how recursive DNS rDNS is an attack surface that many enterprises don't currently protect. Bad actors are exploiting that fact and developing advanced targeted threats that use DNS to bypass conventional security tools such as firewalls, secure we...

7.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2018/08/09 2:51 p.m.62 views

Qualys BrowserCheck CoinBlocker Protects Users From Active Cryptojacking Campaigns

Qualys Malware Research Labs recently released the Qualys BrowserCheck CoinBlocker Chrome Extension. We have seen enthusiastic adoption from users across the globe in the first week since its release, which has given us enough telemetry data to indicate success in protecting users from popular...

7.1AI score
Exploits0
myhack58
myhack58
added 2018/04/25 12:0 a.m.26 views

Mining of the virus through the Flash vulnerability propagation, a careful computer becomes mine machine-vulnerability warning-the black bar safety net

4 on 24 May, tinder the security team Alarm, the virus groups the use of Adobe Flash vulnerability propagation mining viruses. Virus gang the mining program implanted to the game download Station“52pk”, www.52pk.com when the user visits the website, the poison page to show after, without any...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/01/17 4:0 p.m.141 views

A coin miner with a “Heaven’s Gate”

You might call the last two years the years of ransomware. Ransomware was, without a doubt, the most popular type of malware. But at the end of last year, we started observing that ransomware was losing its popularity to coin miners. It is very much possible that this trend will grow as 2018...

7.6AI score
Exploits0
FireEye
FireEye
added 2016/06/20 12:0 p.m.26 views

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

7.2AI score
Exploits0References1
Rows per page
Query Builder