Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. "Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated,...
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the sourc...
IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems,...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134check The script is used to check remotely if...
Malicious code in rrequests (PyPI)
Source: checkmarx 06f65269b50b6cebcd54c9be1a267f52626bc95f94d9e0ebcbe89c86b03488ec Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in reequests (PyPI)
Source: checkmarx 527aece3e73d2bd7e861a39485ce31dd5c649c35088b9787fad7479fbb634231 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
MAL-2022-7433 Malicious code in equests (PyPI)
Source: checkmarx b07d61adac5cc418902b2b527453dcd02eacb4411a61ea7456c8a9546479e59a Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in requestts (PyPI)
Source: checkmarx 0c0ffc8f86c690c110698019cf875b931478cfd7c059ea4da99532950ae57829 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in requeests (PyPI)
Source: checkmarx 4f52373c3c99a0107c5d679e9ec09cd42dd3260168c30a3b20246bb5b2109861 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
MAL-2022-7437 Malicious code in requess (PyPI)
Source: checkmarx c2f8ad6ce2f92726fe81822a7b0221d62e01f1c48c7eb6ad87e0758cfca42ccf Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in reqquests (PyPI)
Source: checkmarx b9a54f366ac9633e5aee64e1efffcdcfb633b5b78922b33ceb6e32ce7d64ca51 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in equests (PyPI)
Source: checkmarx b07d61adac5cc418902b2b527453dcd02eacb4411a61ea7456c8a9546479e59a Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
MAL-2022-7441 Malicious code in reuests (PyPI)
Source: checkmarx 8595aba5fb09b2fb54831d18452e4a1980daf222f8ea4d62b50d29446419c309 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in requessts (PyPI)
Source: checkmarx 281d687d37b55f2d202f7ae0a8b421b286a71ebd2992bf7608ebe030ec6f8e53 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
MAL-2022-7438 Malicious code in requessts (PyPI)
Source: checkmarx 281d687d37b55f2d202f7ae0a8b421b286a71ebd2992bf7608ebe030ec6f8e53 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
MAL-2022-7439 Malicious code in requestts (PyPI)
Source: checkmarx 0c0ffc8f86c690c110698019cf875b931478cfd7c059ea4da99532950ae57829 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in reuests (PyPI)
Source: checkmarx 8595aba5fb09b2fb54831d18452e4a1980daf222f8ea4d62b50d29446419c309 Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in requuests (PyPI)
Source: checkmarx add900896883e60604145a44ada9b8e7fb1013ea91ee1b719b7b3e26a94824ae Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Malicious code in requess (PyPI)
Source: checkmarx c2f8ad6ce2f92726fe81822a7b0221d62e01f1c48c7eb6ad87e0758cfca42ccf Malicious packages typosquatting the popular requests package. The payload executes a cryptomining malware...
Sysrv-K Botnet Targets Windows, Linux
Unpatched vulnerabilities in the Spring Framework and WordPress plugins are being exploited by cybercriminals behind the Sysrv botnet to target Linux and Windows systems. The goal, according to researchers, is to infect systems with cryptomining malware. The botnet variant is being called Sysrv-K...