Read: Our Top Picks for 2018’s Biggest Cybersecurity Stories… So Far
Our threat research team's been burning the candle at both ends this year, what with the sheer number of nasties out there at any given time. But with so many to choose from, how did we populate a list with just seven cybersecurity threats, and why? For one, it'll take the rest of the year to...
Cb ThreatSight Investigation Reveals RETADUP Worm Leverages AutoIt to Launch Monero Cryptomining Campaign
While monitoring a customer’s environment, the Carbon Black ThreatSight team discovered a series of unusual alerts. Further investigation of the suspect processes revealed these alerts were related to an attacker leveraging the open-source Monero framework to launch a crypto-mining campaign. Afte...
World Cup 2018: malware attacks gunning for goal
World Cup 2018 is upon us and in full swing, bringing together 32 nations for a month of footballing to see who'll be crowned World Champion. With the tournament underway, we thought it'd be fun to see which of the footballing powerhouses also expended a similar amount of energy fighting off...
Malicious Docker Containers Earn Cryptomining Criminals $90K
UPDATE Seventeen malicious Docker containers earned cryptomining criminals $90,000 in 30 days in what could be a harbinger of things to come. The figure may seem tame compared to some of the larger paydays that cryptojackers have earned. But, researchers at Kromtech Security Center warn container...
Operation Prowli Profits On Weak IoT Devices, Servers
A malicious campaign has compromised more than 40,000 machines globally, carrying out traffic-hijacking and cryptomining. Researchers at Guardicore Labs, who called the campaign Operation Prowli, said it targets a variety of platforms – including Drupal CMS websites, WordPress sites, backup serve...
Auth0 Glitch Allows Attackers to Launch Phishing Attacks
UPDATE Researchers are warning of a glitch in the Auth0 identity-as-a-service offering, which could allow bad actors to spoof a legitimate website and collect sensitive information from visitors. Researchers at Imperva on Tuesday found that the subdomain names of Auth0 are susceptible to security...
A week in security (May 28 – June 3)
Last week on Labs, we talked about the significance of SEO poisoning in the world of search marketing, blackmail attempts against financial institutions in Canada, voice command flaws in smart assistants, survey and potential phishing scams on Instagram, and the latest changes in Office 365. We...
Multilingual malware hits Android devices for phishing & cryptomining
By Waqas. Roaming Mantis malware also targets iOS devices for phishing attacks. This is a post from HackRead.com.
Roaming Mantis Swarms Globally, Spawning iOS Phishing, Cryptomining
The Roaming Mantis mobile banking trojan is roaming further afield than it ever has before. Recent analysis shows that the malware has rapidly evolved just in the past month. It’s now targeting Europe and the Middle East in addition to Asian countries. According to researchers, it’s following the...
One Year After WannaCry: A Fundamentally Changed Threat Landscape
It’s been one year this week since the ransomware known as WannaCry infected more than 200,000 machines in 150 countries, causing billions of dollars in damages and grinding global business to a halt. The speed and scale of the attack – helped along by leaked National Security Agency hacking tool...
Malicious Chrome extensions found stealing data with cryptomining malware
By Waqas. Nigelthorn malware targets both Windows and Linux based devices. Using malware... This is a post from HackRead.com.
New Facebook-Spread Malware Triggers Credential Theft, Cryptomining
A new malware campaign rapidly spreading via Facebook is infecting victims’ systems to steal their social media credentials and download cryptomining code. The malware, dubbed Nigelthorn by the Radware researchers who first discovered it, is being propagated via socially engineered links on...
MassMiner Takes a Kitchen-Sink Approach to Cryptomining
Though it falls squarely into the trend of cryptominers setting their sights on the Monero virtual currency, the MassMiner malware family is adding its own special somethin’-somethin’ to the mix. It targets Windows servers with a variety of recent and well-known exploits – all within a single...
Kitty Cryptomining Malware Cashes in on Drupalgeddon 2.0
Yet another bad actor has taken advantage of Drupal sites still vulnerable to “Drupalgeddon 2.0,” this time to mine cryptocurrency. The bad script, dubbed the “Kitty” cryptomining malware, takes advantage of the known critical remote-code execution vulnerability in Drupal CVE-2018-7600 to target...
Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2
The Ukrainian Energy Ministry has been hit by a ransomware attack – and for once it looks like this is the work of amateurs, not nation-state attackers bent on making a geopolitical point. However, the bad actors appear to have made use of the recently patched Drupal vulnerability, pointing out y...
Cryptominer Malware Threats Overtake Ransomware, Report Warns
SAN FRANCISCO – Cryptomining malware is the top threat to watch out for this year, according to a new report – with attacks jumping higher than ransomware instances in the first quarter of 2018. A new report by Comodo Cybersecurity, released Tuesday at RSA Conference 2018, found that cryptominers...
Critical Vulnerability in Drupal CMS Used for Cryptomining
By Uzair Amir. For your information, Drupal is also an open-source content management... This is a post from HackRead.com.
Labs CTNT report shows shift in threat landscape to cryptomining
It's that time again! Time for the quarterly Malwarebytes Labs Cybercrime Tactics and Techniques report aka the Labs CTNT report. To get a more complete picture of what's been going on in cybercrime this quarter, the Labs team has combined intel and statistics gathered from January through March...
Rarog Trojan ‘Easy Entry’ For New Cryptomining Crooks, Report Warns
A malware family called Rarog is becoming an appealing and affordable tool for hackers to launch cryptocurrency mining attacks, researchers say. They say the Trojan is low priced, easily configurable and supports multiple cryptocurrencies, making it an appealing option for hackers. Palo Alto...
Malicious cryptomining and the blacklist conundrum
When Coinhive first came out in September of 2017, it was fairly easy to identify websites using browser miners by looking for a few lines referencing the Coinhive API within the HTML source code. Because this was a new phenomenon, even bad actors didn't have to hide their intentions, and...