2017, Mining and Security - Information Management Today

500M Avira Antivirus Users Introduced to Cryptomining

Krebs on Security

JANUARY 8, 2022

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. KG is a German multinational software company best known for their Avira Free Security (a.k.a. Founded in 2006, Avira Operations GmbH & Co.

Mining

Mining Privacy IT Security

Norton 360 Now Comes With a Cryptominer

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. In 2017, the identity theft protection company LifeLock was acquired by Symantec Corp. “Norton creates a secure digital Ethereum wallet for each user,” the FAQ reads.

Mining

Mining Computer and Electronics Blockchain Marketing

Cryptominer ELFs Using MSR to Boost Mining Process

Security Affairs

AUGUST 5, 2021

The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and increase the speed of the mining process by 15%. This is done to boost the miner execution performance, thereby increasing the speed of the mining process.

Mining

Mining Access IT Authentication

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

The Last Watchdog

AUGUST 3, 2018

Illicit crypto mining is advancing apace. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Related article: Illicit crypto mining hits cloud services. It’s likely IT and security teams won’t find the infection for months.

Mining

Mining Data breaches Ransomware Cloud

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Security Affairs

APRIL 28, 2024

Security experts at Deep Instinct Threat Lab have uncovered a targeted campaign against Ukraine, exploiting a Microsoft Office vulnerability dating back almost seven years to deploy Cobalt Strike on compromised systems. It’s a PPSX file, seemingly an outdated US Army manual for tank mine clearing blades (MCB).

Military

Military Mining Libraries Security

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus. All that was needed was the person’s name, address, birthday and Social Security number. states to place a security freeze on their credit files.

Security

Security Authentication Mining Cybersecurity

Court Rules in Favor of Mining LinkedIn User Data

Adam Levin

SEPTEMBER 23, 2019

A federal appellate court ruled that mining and aggregating user data publicly posted to social media sites is allowable by law. LinkedIn sent a cease-and-desist letter to hiQ in 2017 requesting that the company stop accessing and copying data from its servers.

Mining

Mining Passwords Privacy Access

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. Oracle WebLogic Server CVE-2017-10271 – versions 10.3.6.0.0,

Mining

Mining Cloud Access Security

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Ransomware

Ransomware Mining Communications IT

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Security Affairs

NOVEMBER 22, 2022

“They induced victims to enter into fraudulent equipment rental contracts with the defendants’ cryptocurrency mining service called HashFlare. The bad news for the investors is that HashFlare did not have the virtual currency mining equipment it claimed to have. ” reads the press release published by DoJ.

Mining

Mining Marketing IT Security

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs

AUGUST 11, 2018

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.

Mining

Mining Marketing IoT Compliance

Security Affairs newsletter Round 318

Security Affairs

JUNE 13, 2021

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 318 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the international press subscribe here.

Security

Security Data breaches Mining Ransomware

Supply Chain Cyberattacks Surged 200% in 2017

Dark Reading

MARCH 22, 2018

Symantec's annual Internet Security Threat Report also shows that zero-day exploits fizzled and cryptocurrency mining exploded.

Mining

Mining Security

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. ” reads the alert published by CERT-UA. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Mining

Mining Passwords Government IT

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, DarkGate ) The post DarkGate malware campaign abuses Skype and Teams appeared first on Security Affairs.

Mining

Mining Ransomware Access IT

CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 22, 2023

Cybersecurity and Infrastructure Security Agency (CISA) added Looney Tunables Linux vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Multiple security researchers have already developed their own proof-of-concept exploits for this flaw. while processing the GLIBC_TUNABLES environment variable.

IT

IT Mining Cloud Cybersecurity

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

The Chaos malware supports more than 70 different commands, including executing propagation through the exploitation of pre-determined CVEs, launching DDoS attacks or starting crypto mining. Some samples analyzed by the experts were able to exploit the CVE-2017-17215 and CVE-2022-30525 , respectively impacting Huawei and Zyxel devices.

Mining

Mining Financial Services IT Security

Kinsing threat actors probed the Looney Tunables flaws in recent attacks

Security Affairs

NOVEMBER 4, 2023

Researchers are cloud security firm Aqua have observed threat actors exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables in attacks against cloud environments. Kinsing actors often exploited the PHPUnit vulnerability ( CVE-2017-9841 ) and it engaged in fully automated attacks as part of mining cryptocurrency.

Cloud

Cloud Mining Access Security

Interview with the Head of the NSA’s Research Directorate

Schneier on Security

FEBRUARY 3, 2022

“Everyone thinks their data is the messiest in the world, and mine maybe is because it’s taken from people who don’t want us to have it, frankly,” said Herrera’s immediate predecessor at the NSA, the computer scientist Deborah Frincke, during a 2017 talk at Stanford.

Big data

Big data Data science Mining Access

ZombieBoy, a new Monero miner that allows to earn $1,000 on a monthly basis

Security Affairs

AUGUST 5, 2018

A security researcher discovered a new crypto mining worm dubbed ZombieBoy that leverages several exploits to evade detection. The security researcher James Quinn has spotted a new strain of crypto mining worm dubbed ZombieBoy that appears to be very profitable and leverages several exploits to evade detection.

Mining

Mining Ransomware Security IT

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

FEBRUARY 15, 2019

Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers.

Mining

Mining Libraries Analytics Security

Necro Python bot now enhanced with new VMWare, server exploits

Security Affairs

JUNE 4, 2021

Talos experts noticed that a version released on May 18 included Python versions of EternalBlue ( CVE-2017-0144 ) and EternalRomance ( CVE-2017-0147 ) exploits with a Windows download command line as the payload. The post Necro Python bot now enhanced with new VMWare, server exploits appeared first on Security Affairs.

Mining

Mining Passwords IoT Security

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

Security Affairs

APRIL 26, 2019

Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. “In the web server compromise, Beapy also attempted to exploit an Apache Struts vulnerability ( CVE-2017-5638 ). ” reads the analysis published Symantec.

Mining

Mining Archiving Phishing Passwords

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The post DirtyMoe botnet infected 100,000+ Windows systems in H1 2021 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Mining

Mining Passwords Communications IT

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

JANUARY 31, 2021

The new malware implement new and improved rootkit and worm capabilities, it continues to target cloud applications by exploiting known vulnerabilities such as Oracle WebLogic ( CVE-2017-10271 ) and Apache ActiveMQ ( CVE-2016-3088 ) servers. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. .

Cloud

Cloud Libraries Mining IT

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

This variant of Xbash is equipped to quietly uninstall any one of five popular types of cloud security protection and monitoring products used on such servers. The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Secure your phone. Targeting one device.

Privacy

Privacy Passwords Security Access

Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

Security Affairs

OCTOBER 12, 2018

Security experts from IBM are targeting Drupal vulnerabilities, including the CVE-2018-7600 and CVE-2018-7602 flaws, aka Drupalgeddon2 and Drupalgeddon3 , to install a backdoor on the infected systems and tack full control of the hosted platforms. Security Affairs – Drupal, hacking ). Pierluigi Paganini.

Mining

Mining Security IT

Episode 186: Certifying Your Smart Home Security with GE Appliances and UL

The Security Ledger

JUNE 29, 2020

In this episode of the podcast (#186) we do a deep dive on the new IoT cyber security rating system from Underwriters' Lab. We talk with experts from GE about the process they used to obtain UL certification for a range of smart home appliances, managing device security over the decades and how a cyber security rating system may influence.

IoT

IoT Security Mining IT

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

The Last Watchdog

SEPTEMBER 18, 2018

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.”. Structured data can be human- or machine-generated, and is easily searchable information usually stored in a database, including names, Social Security numbers, phone numbers, ZIP codes.

Unstructured data

Unstructured data Ransomware Mining Encryption

Lemon_Duck cryptomining malware evolves to target Linux devices

Security Affairs

AUGUST 28, 2020

Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. “This aspect of the campaign expands the mining operation to support computers running Linux. ” reads the post published by Sophos.

Mining

Mining Authentication Passwords Access

What are the future threats in cyber security?

IT Governance

APRIL 16, 2018

Last week the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) released their annual report on the cyber threats facing UK businesses. Cryptojacking is when cryptocurrency miners are delivered through malware, using a computer’s processing power to illicitly mine cryptocurrency. Cloud security.

Security

Security Data breaches IoT Cloud

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies , which offers paying customers the ability to route their web traffic anonymously through compromised computers. The BHProxies website. “Hey mate, it’s been a long time.

Passwords

Passwords Blockchain Mining Marketing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. The RCMP arrested Bloom in December 2017, and said he made approximately $250,000 selling hacked data, which included information on 37 million user accounts leaked in the 2015 Ashley Madison breach.

Passwords

Passwords Data breaches Marketing IT

DirtyMoe modules expand the bot using worm-like techniques

Security Affairs

MARCH 21, 2022

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The post DirtyMoe modules expand the bot using worm-like techniques appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Mining

Mining Passwords Risk IT

Credit without a Social Security Number

InfoGovNuggets

NOVEMBER 28, 2017

“ Indian Lenders Mine Phone Data,” The Wall Street Journal , November 24, 2017 B10. What’s more private, your phone or your Social Security Number? Lenders fill gap in credit histories by checking data on phones to track Facebook connections and on-line shopping.

Mining

Mining Security Access Analytics

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

Security experts spotted a new botnet, tracked as KashmirBlack botnet, that likely infected hundreds of thousands of websites since November 2019. The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages.

CMS

CMS Mining Communications Security

Catches of the Month: Phishing Scams for September 2023

IT Governance

SEPTEMBER 15, 2023

Source: Truesec According to Telekom Security , DarkGate Loader’s developer, who goes by the name RastaFarEye, has been developing the malware since 2017 and has been advertising it as a malware-as-a-service model since 16 June 2023. This vulnerability was identified by Max Corbridge and Tom Ellson of JUMPSEC in June.

Phishing

Phishing Mining Education Passwords

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. “Recently, 360 Total Security team intercepted a new worm PsMiner written in Go, which uses CVE-2018-1273, CVE-2017-10271, CVE-2015-1427, CVE-2014-3120 and other high-risk vulnerabilities ?

Mining

Mining Passwords Risk Security

The Long Run of Shade Ransomware

Security Affairs

FEBRUARY 19, 2019

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. Comparison between the ransom note of Shade 2019 (up) and Shade 2017 (down, source: SonicWall ).

Ransomware

Ransomware Mining File names Encryption

Why & Where You Should You Plant Your Flag

Krebs on Security

AUGUST 12, 2020

Postal Service, the credit bureaus or the Social Security Administration, it’s a good idea to do so for several reasons. Adding multi-factor authentication (MFA) at these various providers (where available) and/or establishing a customer-specific personal identification number (PIN) also can help secure online access.

Passwords

Passwords Authentication Access Paper

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

JUNE 5, 2019

Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. “Simultaneous with its attacks, BlackSquid also downloads and executes two XMRig cryptocurrency-mining components.! continues the analysis. Pierluigi Paganini.

Mining

Mining File names Libraries IT

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. In 2017 there were ten times more than in 2016.

IoT

IoT Honeypots Passwords Mining

Weekly podcast: Reports galore and more cryptojacking

IT Governance

FEBRUARY 22, 2018

This week, we discuss new reports from Cisco, McAfee and the CSIS, and Big Brother Watch, and hear more about malicious Monero mining. Cyber security reports are a bit like the proverbial London omnibus: you seem to wait for ages, then several come along at once. Here are this week’s stories.

Mining

Mining GDPR Risk Security awareness

500M Avira Antivirus Users Introduced to Cryptomining

Norton 360 Now Comes With a Cryptominer

Webinars

Trending Sources

Cryptominer ELFs Using MSR to Boost Mining Process

Webinars

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Identity Thieves Bypassed Experian Security to View Credit Reports

Court Rules in Favor of Mining LinkedIn User Data

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

StripedFly, a complex malware that infected one million devices without being noticed

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs newsletter Round 318

Supply Chain Cyberattacks Surged 200% in 2017

PurpleFox malware infected at least 2,000 computers in Ukraine

DarkGate malware campaign abuses Skype and Teams

CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Kinsing threat actors probed the Looney Tunables flaws in recent attacks

Interview with the Head of the NSA’s Research Directorate

ZombieBoy, a new Monero miner that allows to earn $1,000 on a monthly basis

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Necro Python bot now enhanced with new VMWare, server exploits

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

Episode 186: Certifying Your Smart Home Security with GE Appliances and UL

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

Lemon_Duck cryptomining malware evolves to target Linux devices

What are the future threats in cyber security?

Who’s Behind the Botnet-Based Service BHProxies?

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

DirtyMoe modules expand the bot using worm-like techniques

Credit without a Social Security Number

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Catches of the Month: Phishing Scams for September 2023

Modular Cryptojacking malware uses worm abilities to spread

The Long Run of Shade Ransomware

Why & Where You Should You Plant Your Flag

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Evolution of threat landscape for IoT devices – H1 2018

Weekly podcast: Reports galore and more cryptojacking

Stay Connected