Lucene search
+L

6 matches found

thn
thn
added 2024/06/06 1:14 p.m.31 views

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw CVE-2023-33246 for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary "pty3", and...

9.8CVSS8.3AI score0.96604EPSS
Exploits11
thn
thn
added 2024/01/09 1:45 p.m.53 views

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Poorly secured Microsoft SQL MS SQL servers are being targeted in the U.S., European Union, and Latin American LATAM regions as part of an ongoing financially motivated campaign to gain initial access. "The analyzed threat campaign appears to end in one of two ways, either the selling of 'access'...

8.2AI score
Exploits0
thn
thn
added 2023/07/20 4:56 p.m.39 views

Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks

Mallox ransomware activities in 2023 have witnessed a 174% increase when compared to the previous year, new findings from Palo Alto Networks Unit 42 reveal. "Mallox ransomware, like many other ransomware threat actors, follows the double extortion trend: stealing data before encrypting an...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/14 10:51 a.m.23 views

Trigona Ransomware Targets Improperly Managed MS-SQL Servers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Trigona ransomware is installed on vulnerable MS-SQL servers that are not properly managed, allowing attackers to execute malicious commands and encrypt files without distinguishing file extensions. To...

7.1AI score
Exploits0
akamaiblog
akamaiblog
added 2020/04/01 2:56 p.m.13 views

The Vollgar Campaign: MS-SQL Servers Under Attack

Guardicore Labs uncovers an attack campaign that’s been under the radar for almost two years, breaching MS-SQL servers and infecting them with remote-access tools and cryptominers...

7AI score
Exploits0
threatpost
threatpost
added 2019/05/29 1:0 p.m.161 views

50k Servers Infected with Cryptomining Malware in Nansh0u Campaign

Up to 50,000 servers were infected over the past four months as part of a high-profile cryptojacking campaign, believed to orchestrated by Chinese-language adversaries. Researchers with Guardicore Labs, who disclosed the campaign Wednesday, said that the Nansh0u​ campaign named due to a text file...

7.2CVSS0.1AI score0.87042EPSS
Exploits22References6
Rows per page
Query Builder