Prometei botnet uses NSA exploit, hits unpatched MS exchange servers

By Waqas Unpatched MS Exchange Servers are being hunted by Prometei botnet to expand its army of Monero cryptocurrency mining bots. This is a post from HackRead.com Read the original post: Prometei botnet uses NSA exploit, hits unpatched MS exchange servers...

Cryptojacking botnet Prometei uses NSA exploit to steal data, mine Monero

By Waqas Prometei botnet targets Windows devices. Cisco Talos' threat intelligence team published a report revealing startling details of how cybercriminals are continually reinventing the way they can monetize their malicious tools and techniques. Reportedly, Cisco Talos researchers discovered a...

PyRoMine Uses NSA Exploit for Monero Mining and Backdoors

The ShadowBrokers’ release of a trove of National Security Agency exploits last year appears to be the gift that keeps on giving, to the hacker community at least: A fresh malware that uses the EternalRomance tool has hit the scene, with Monero-mining as the stated goal. However, more damaging...

Fileless WannaMine Cryptojacking Malware Using NSA Exploit

By Waqas Forget WannaCry and welcome WannaMine, a fileless cryptojacking malware using This is a post from HackRead.com Read the original post: Fileless WannaMine Cryptojacking Malware Using NSA Exploit...

Bad Rabbit Ransomware Uses Leaked 'EternalRomance' NSA Exploit to Spread

A new widespread ransomware worm, known as "Bad Rabbit," that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims' networks. Earlier it was reported that this week's...

Bad Rabbit Linked to ExPetr/Not Petya Attacks

A link has been confirmed between the Bad Rabbit ransomware outbreak detected yesterday in major organizations in Russia and Ukraine and this summer’s ExPetr/Not Petya attacks. Researchers at Kaspersky Lab said there are “clear ties” between the two attacks though one major piece of the puzzle is...

All this EternalPetya stuff makes me WannaCry

Another week goes by and yet again we have another ransomware outbreak initially dropped by a malicious software update and eventually spreading within internal networks using several methods - including EternalBlue - the leaked exploit from the ShadowBrokers group. Security researchers can’t see...

Available Tools Making Dent in WannaCry Encryption

Tools are beginning to emerge that can be used to start the process of recovering files encrypted by WannaCry on some Windows systems. This takes on extra urgency because today marks one week from the initial outbreak, and files encrypted during that first wave are on the clock and close to being...

PATCH Act Calls for VEP Review Board

The U.S. government took the first steps toward codifying the Vulnerabilities Equities Process into law yesterday through the introduction of the Protecting Our Ability to Counter Hacking PATCH Act of 2017. The VEP is the internal process by which the government decides which software...

Cisco Exploit Leaked in NSA Hack Modifies to Target Latest Version of Firewalls

Recently released NSA exploit from "The Shadow Brokers" leak that affects older versions of Cisco System firewalls can work against newer models as well. Dubbed ExtraBacon, the exploit was restricted to versions 8.4.4 and earlier versions of Cisco's Adaptive Security Appliance ASA – a line of...