Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2022/11/09 11:1 a.m.346 views

Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network

The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet. Called Cloud9 by security firm Zimperium, the malicious browser add-...

10CVSS1.3AI score0.94996EPSS
Exploits70
hivepro
hivepro
added 2022/06/02 1:36 p.m.13 views

Enemybot malware expands its arsenal by exploiting well-known vulnerabilities

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary EnemyBot, a Mirai-based botnet, is expanding its arsenal by exploiting well-known vulnerabilities in log4j, VMware workspace, Spring Framework, and others. Keksec, also known as Nero and Freakout, is the threat...

3.9AI score
Exploits0
ThreatPost
ThreatPost
added 2022/05/31 12:24 p.m.120 views

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems CMS, web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...

10CVSS10AI score0.99999EPSS
Exploits474References16
The Hacker News
The Hacker News
added 2022/05/30 10:30 a.m.6213 views

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems CMS. "The malware is rapidly adopting one-day vulnerabilities as part of its...

10CVSS0.2AI score0.99997EPSS
Exploits162
The Hacker News
The Hacker News
added 2022/04/14 10:7 a.m.129 views

New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

A threat group that pursues crypto mining and distributed denial-of-service DDoS attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things IoT devices since last month. "This botnet is mainly derived from Gafgyt's source code but h...

10CVSS1.4AI score0.99857EPSS
Exploits50
Rows per page
Query Builder