Krebs on Security

JULY 23, 2020

As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. In the days that followed, the DFS and U.S.

Insurance 307

Insurance Financial Services Mining Access 307

Security Affairs

APRIL 27, 2020

The VictoryGate bot propagates via infected USB devices, it was designed to mine Monero abusing resourced of compromised devices, it is also able to deliver additional payloads. The security firm with the help of No-IP and the non-profit Shadowserver Foundation was able to take them all down. ” continues the analysis.

Mining 105

Mining Communications IT Cybersecurity 105

Security Affairs

FEBRUARY 15, 2019

Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. ” reads the analysis published by Symantec. Then the mining script is activated and starts abusing devices resources to mine Monero cryptocurrency.

Mining 92

Mining Libraries Analytics Security 92

Security Affairs

APRIL 1, 2020

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet , tracked as Vollgar botnet , that is targeting MSSQL databases since 2018. ” reads the analysis published by Guardicore.

Mining 109

Mining Passwords Education Cybersecurity 109

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. ” reads the analysis published by the researchers. ” concludes the post.

IoT 120

IoT Mining Communications IT 120

Security Affairs

JUNE 1, 2019

” reads the analysis published by Trend Micro. “The script then calls a Monero coin-mining binary, darwin (detected as PUA.Linux.XMRMiner.AA), to run in the background. As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.”

Mining 94

Mining Honeypots Cloud Passwords 94

Security Affairs

NOVEMBER 26, 2019

Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuse of the resources of the infected machine to mine cryptocurrency , according to the experts it has already infected 80,000 computers worldwide. . Pierluigi Paganini.

File names 125

File names Encryption Mining Security 125

Security Affairs

APRIL 30, 2020

— Microsoft Security Intelligence (@MsftSecIntel) April 28, 2020. ” reads the Tweet published by the Microsoft Security Intelligence team. . ” reads the Tweet published by the Microsoft Security Intelligence team. The in-memory DLL then injects a coin-mining code into notepad.exe through process hollowing.

Mining 84

Mining File names Risk Cybersecurity 84

Security Affairs

AUGUST 5, 2018

A security researcher discovered a new crypto mining worm dubbed ZombieBoy that leverages several exploits to evade detection. The security researcher James Quinn has spotted a new strain of crypto mining worm dubbed ZombieBoy that appears to be very profitable and leverages several exploits to evade detection.

Mining 60

Mining Ransomware Security IT 60

Security Affairs

JANUARY 31, 2019

” reads the analysis published by PaloAlto Networks. CookieMiner configures the compromised systems to load coinmining software that appears like an XMRIG-type miner, but that mines Koto, a lesser popular cryptocurrency associated with Japan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Mining 89

Mining Authentication Blockchain Passwords 89

Security Affairs

JANUARY 4, 2019

” reads the analysis published by F-Secure. ” continues the analysis. The service creates multiple threads to carry out several malicious activities, such as data exfiltration and mining. Further information, including IoCs are reported in the analysis published by F.Secure. traduires[.]com

Mining 88

Mining File names Access IT 88

Security Affairs

FEBRUARY 22, 2021

Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. ” reads the analysis published by the researchers. ” continues the analysis. months, just by selling the APOMacroSploit product.”

Cleanup 114

Cleanup Phishing Mining Security 114

Security Affairs

JANUARY 28, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. “The group is using a new detection evasion tool, copied from open source repositories,” reads the analysis published by AT&T Alien Labs. . Pierluigi Paganini.

IT 122

IT Libraries Mining Security 122

Security Affairs

AUGUST 25, 2019

The best news of the week with Security Affairs. Malware Analysis Sandboxes could expose sensitive data of your organization. Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency. Hackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installs. Once again thank you!

Security 50

Security Mining Data breaches Libraries 50

Security Affairs

OCTOBER 28, 2018

Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. Experts pointed out that a Docker Engine is not properly secured could be exposed to remote attack through Docker Engine API. Docker Trusted Registry ).

Mining 86

Mining Systems administration Encryption Authentication 86

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos. Pierluigi Paganini.

Mining 82

Mining IT Security Information Security 82

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Mining 90

Mining Passwords IT Security 90

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. “Recently, 360 Total Security team intercepted a new worm PsMiner written in Go, which uses CVE-2018-1273, CVE-2017-10271, CVE-2015-1427, CVE-2014-3120 and other high-risk vulnerabilities ?

Mining 77

Mining Passwords Risk Security 77

Security Affairs

JUNE 11, 2020

Microsoft’s Azure Security Center (ASC) is warning of a hacking campaign that targets Kubeflow, a machine learning toolkit for Kubernetes. ” Hackers are targeting Kubernetes clusters because nodes used from ML operations have huge computational capabilies making them ideal for fraudulent mining purposes. Pierluigi Paganini.

Mining 86

Mining Access Security IT 86

Security Affairs

JUNE 22, 2019

Trend Micro recently discovered an Android crypto-currency mining botnet that can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). Security researchers at Trend Micro have discovered an new Android crypto-currency mining botnet that spreads via open ADB ( Android Debug Bridge ) ports and Secure Shell (SSH).

Mining 66

Mining Honeypots Authentication Communications 66

Security Affairs

OCTOBER 17, 2019

Researchers at Cyberbit spotted a crypto mining campaign that infected more than 50% of the European airport workstations. . Security experts at Cyberbit have uncovered a crypto mining campaign that infected more than 50% of the European airport workstations. . ” reads the analysis published by Cyberbit. .

Mining 63

Mining Security IT Information Security 63

Security Affairs

OCTOBER 17, 2019

Security experts at Palo Alto Networks discovered a worm dubbed Graboid that spreads using Docker containers. ” reads the analysis published by the experts. It installs the worm on the first target, stops the miner on the second target, and starts the miner on the third target, leading to a very random mining behavior.

Mining 53

Mining Ransomware Security IT 53

Security Affairs

JUNE 15, 2019

” reads the analysis published by Trend Micro. ” The AESDDoS malware is active since at least since 2014 and it was used to build large DDoS botnet. launching DDoS attacker, mining cryptocurrency, etc.). ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

File names 95

File names Mining Access Communications 95

Security Affairs

APRIL 26, 2019

Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. ” reads the analysis published Symantec. ” reads the analysis published Symantec. ” continues the analysis. “ Beapy ( W32.Beapy

Mining 58

Mining Archiving Phishing Passwords 58

Security Affairs

OCTOBER 15, 2019

The cybercrime organization was first spotted in April 2018 by researchers at Cisco Talos, earlier 2019 researchers from Palo Alto Networks Unit42 found new malware samples used by the Rocke group for cryptojacking that uninstalls from Linux servers cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud.

Mining 63

Mining Cloud Security Access 63

Security Affairs

AUGUST 12, 2018

The best news of the week with Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Newsletter ).

Security 43

Security MDM Mining Marketing 43

Security Affairs

JULY 25, 2019

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. ” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads a blog post published by Intezer. gooobb ” file.

Mining 70

Mining Encryption IT Security 70

Security Affairs

AUGUST 28, 2019

Most of the infected systems were located in Latin America, more than 85% of victims did not have any security software installed. Since it was the C&C server’s responsibility to give mining jobs to the bots, none of the bots received any new mining jobs to execute after this takedown.” Une #PremièreMondiale !

Mining 87

Mining Ransomware IT Security 87

Security Affairs

FEBRUARY 27, 2019

Security researchers at Cisco Talos are warning of a spike in attacks on unsecured Elasticsearch clusters to drop cryptocurrency miners. Cisco Talos experts have reported a spike in the attacks that leverage known flaws to compromise unsecured Elasticsearch clusters and use them to mine crypto-currencies. Pierluigi Paganini.

Search queries 85

Search queries Honeypots File names Mining 85

Security Affairs

SEPTEMBER 29, 2018

Security researchers spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. ” reads the analysis published by Avast. ” continues the analysis. ” concludes the analysis. Automatic execution via injected code into ~.bashrc.

IoT 87

IoT Communications Mining Encryption 87

Security Affairs

FEBRUARY 19, 2019

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. Technical analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 75

Ransomware Mining File names Encryption 75

Security Affairs

JUNE 19, 2019

“The analysis showed the malware to have a few quite unpleasant features. ” reads the analysis published by Kaspersky. Post-analysis, the malware was named Backdoor.Win32.Plurox.” Further technical details, including IoCs are reported in the analysis published by Kaspersky. Pierluigi Paganini.

Mining 70

Mining Communications IT Access 70

Security Affairs

SEPTEMBER 19, 2019

In February 2018, researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. Further data, including Indicators of Compromise, are reported in the analysis published by the experts.

Mining 78

Mining Access IT Security 78

Security Affairs

SEPTEMBER 26, 2018

The botnet initially spread infecting unsecured IoT devices, mainly IP cameras, in July security experts from Fortinet discovered that the Hide ‘N Seek botnet was improved to target vulnerabilities in home automation systems. ” reads the analysis published by BitDefender. Security Affairs – HSN botnet, hacking ).

IoT 103

IoT Mining Access Security 103

Security Affairs

JUNE 5, 2019

Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. “Simultaneous with its attacks, BlackSquid also downloads and executes two XMRig cryptocurrency-mining components.! continues the analysis.

Mining 62

Mining File names Libraries IT 62

Security Affairs

NOVEMBER 26, 2018

Security experts from Russian antivirus firm Dr.Web have discovered a new strain of Linux cryptominer tracked as Linux.BtcMine.174. ” Reads the analysis published by Dr. Web. downloads and starts its own Monero-mining operation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Mining 85

Mining Passwords Security IT 85

Security Affairs

AUGUST 31, 2019

” reads the analysis published by the experts. In June, Trend Micro discovered an Android crypto-currency mining botnet that can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). . ” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT 81

IoT Passwords Mining Manufacturing 81