2018, Mining and Security - Information Management Today

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

The Last Watchdog

AUGUST 3, 2018

Illicit crypto mining is advancing apace. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Related article: Illicit crypto mining hits cloud services. It’s likely IT and security teams won’t find the infection for months.

Mining

Mining Data breaches Ransomware Cloud

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

AUGUST 23, 2019

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency. The security incident has happened in July at the South Ukraine Nuclear Power Plant at Yuzhnoukrainsk, in the south of the country. ” reported ZDnet. Pierluigi Paganini.

Mining

Mining Military Security Access

GUEST ESSAY: Tapping Bitcoin’s security — to put a stop to ‘51% attacks’ of cryptocurrency exchanges

The Last Watchdog

OCTOBER 28, 2021

However, these attacks aren’t due to exchange security flaws; malicious actors are exploiting the underlying consensus protocols of blockchains themselves. In 2018, a 51% attack on Bitcoin Gold absconded with over $18M, and the attack was estimated to cost less than $200k to execute.

Blockchain

Blockchain Mining Security IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. The first group tracked as Pacha Group has Chinese origins, it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner.

Mining

Mining Cloud Security IT

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. Redis Spring Data Commons CVE-2018-1273, versions prior to 1.13-1.13.10,

Mining

Mining Cloud Access Security

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. The second one is only used if a dedicated GPU is found on the host.

Mining

Mining Communications IT Security

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. Security Affairs – IoT devices, hacking ).

IoT

IoT Honeypots Passwords Mining

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs

AUGUST 11, 2018

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.

Mining

Mining Marketing IoT Compliance

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. In the days that followed, the DFS and U.S.

Insurance

Insurance Financial Services Mining Access

Weekly podcast: Australian Cabinet Files, Matt Hancock MP’s app and Monero mining

IT Governance

FEBRUARY 1, 2018

Hello and welcome to the IT Governance podcast for Friday, 2 February 2018. After all, why lock users’ machines and demand a ransom that they might not even pay when you can just infect their machine with software that mines for cryptocurrency without their knowledge? Wait a moment – cryptocurrency mining ? What’s that?

Mining

Mining Blockchain Government Libraries

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

The Last Watchdog

SEPTEMBER 21, 2018

Security burden. Though DevOps-centric organizations can gain altitude quickly, they also tend to generate fresh security vulnerabilities at a rapid clip, as well. In that caper, a core API was left open allowing them to exploit it and begin using Tesla’s servers to mine cryptocurrency. We met at Black Hat USA 2018.

Cloud

Cloud Security Mining Financial Services

Security Affairs newsletter Round 312

Security Affairs

MAY 2, 2021

Every week the best security articles from Security Affairs free for you in your email box. Every week the best security articles from Security Affairs free for you in your email box. Every week the best security articles from Security Affairs free for you in your email box. Pierluigi Paganini.

Security

Security Mining Ransomware Military

Annual Protest Raises $250K to Cure Krebs

Krebs on Security

MARCH 31, 2019

For the second year in a row, denizens of a large German-language online forum have donated more than USD $250,000 to cancer research organizations in protest of a story KrebsOnSecurity published in 2018 that unmasked the creators of Coinhive , a now-defunct cryptocurrency mining service that was massively abused by cybercriminals.

Mining

Mining Privacy IT

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. ” reads the alert published by CERT-UA. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Mining

Mining Passwords Government IT

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

Security Affairs

AUGUST 28, 2018

According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2.

Mining

Mining IoT Risk IT

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Security Affairs

FEBRUARY 24, 2021

Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”

Blockchain

Blockchain Mining Honeypots Security

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Later the experts discovered that Crackonosh was also able to disable antivirus software from other major security vendors to avoid detection, including Windows Defender and Windows Update.

Mining

Mining File names Security IT

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Security Affairs

SEPTEMBER 10, 2018

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. The exploit code for the CVE-2018-14847 vulnerabilities is becoming a commodity in the hacking underground, just after its disclosure crooks started using it to compromise MikroTik routers. Summarizing, more than 370,000 of 1.2

Mining

Mining IoT Libraries Security

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Hello and welcome to the final IT Governance podcast of 2018. The year started with the revelation of Spectre and Meltdown – major security flaws affecting processors manufactured by Intel, ARM and AMD.

Data breaches

Data breaches Personal data Access GDPR

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.

IoT

IoT Security Manufacturing Privacy

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

APRIL 1, 2020

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet , tracked as Vollgar botnet , that is targeting MSSQL databases since 2018. Pierluigi Paganini.

Mining

Mining Passwords Education Cybersecurity

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

In April, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) previously warned of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591.

Government

Government Mining Archiving Encryption

Annual Protest to ‘Fight Krebs’ Raises €150K+

Krebs on Security

MARCH 30, 2020

In 2018, KrebsOnSecurity unmasked the creators of Coinhive — a now-defunct cryptocurrency mining service that was being massively abused by cybercriminals — as the administrators of a popular German language image-hosting forum.

Mining

Mining Privacy IT

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

The Last Watchdog

SEPTEMBER 11, 2019

Security orchestration, automation and response, or SOAR, is a fledgling security technology stack that first entered the cybersecurity lexicon about six years ago. Saurabh told me he developed a passion for helping organizations improve the efficiencies of their security operations. billion, and later co-founded SumoLogic.

Security

Security Big data Cybersecurity Analytics

PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs

Security Affairs

DECEMBER 13, 2020

Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. In 2018, CVE-2019-9193 was linked to this feature, naming it as a “vulnerability.” ” continues the analysis. ” concludes the analysis.

Mining

Mining Authentication Passwords Access

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. In September thousands of unpatched MikroTik Routers were involved in new cryptocurrency mining campaigns. Pierluigi Paganini.

Mining

Mining Systems administration Security Access

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

This variant of Xbash is equipped to quietly uninstall any one of five popular types of cloud security protection and monitoring products used on such servers. The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Secure your phone. Targeting one device.

Privacy

Privacy Passwords Security Access

New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems

Security Affairs

SEPTEMBER 17, 2021

CVE-2020-14882 Oracle WebLogic Server RCE, and CVE-2018-20062 ThinkPHP RCE) and targeting sites and systems protected with weak administrative credentials. Upon infecting a system, the malware abuses its resources to mine cryptocurrency. . The malware spread through attacks exploiting known vulnerabilities (i.e. Pierluigi Paganini.

Honeypots

Honeypots Mining Encryption Access

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

FEBRUARY 15, 2019

Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers.

Mining

Mining Libraries Analytics Security

Why & Where You Should You Plant Your Flag

Krebs on Security

AUGUST 12, 2020

As KrebsOnSecurity observed back in 2018 , many people — particularly older folks — proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — including everything from utilities and mobile phones to retirement benefits and online banking services. .”

Passwords

Passwords Authentication Access Paper

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos. Pierluigi Paganini.

Mining

Mining IT Security Information Security

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

The Last Watchdog

SEPTEMBER 18, 2018

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.”. I talked with Jonathan Sander, Chief Technology Officer with STEALTHbits Technologies , about this at Black Hat USA 2018. Related video: Why it’s high time to protect unstructured data.

Unstructured data

Unstructured data Ransomware Mining Encryption

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

The best news of the week with Security Affairs. Evolution of threat landscape for IoT devices – H1 2018. Adobe issued a critical out-of-band patch to address CVE-2018-12848 Acrobat flaw. Ngrok Mining Botnet. Security Affairs – Newsletter ). A new round of the weekly SecurityAffairs newsletter arrived! Paper Copy.

Computer and Electronics

Computer and Electronics Security Mining Data breaches

What are the future threats in cyber security?

IT Governance

APRIL 16, 2018

Last week the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) released their annual report on the cyber threats facing UK businesses. Cryptojacking is when cryptocurrency miners are delivered through malware, using a computer’s processing power to illicitly mine cryptocurrency. Cloud security.

Security

Security Data breaches IoT Cloud

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The post DirtyMoe botnet infected 100,000+ Windows systems in H1 2021 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Mining

Mining Passwords Communications IT

Security Affairs newsletter Round 203 – News of the week

Security Affairs

MARCH 3, 2019

The best news of the week with Security Affairs. Cyber Command disrupted blocked Russian troll factory during 2018 midterms. CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019. The post Security Affairs newsletter Round 203 – News of the week appeared first on Security Affairs. Kindle Edition.

Security

Security Mining Ransomware Sales

MyKings botnet operators already amassed at least $24 million

Security Affairs

OCTOBER 13, 2021

” The malware was first spotted in February 2018 by researchers from Proofpoint when the bot was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. The post MyKings botnet operators already amassed at least $24 million appeared first on Security Affairs.

ROT

ROT Mining Encryption IT

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy.

Passwords

Passwords Archiving Mining Education

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000. In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. This week, the U.S. First American Financial Corp.

Insurance

Insurance Risk Financial Services Mining

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Mining

Mining Passwords IT Security

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. The post New variant of Linux Botnet WatchBog adds BlueKeep scanner appeared first on Security Affairs. ” reads a blog post published by Intezer. Pierluigi Paganini.

Mining

Mining Encryption IT Security

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

JULY 4, 2020

One of the most-read advice columns on this site is a 2018 piece called “ Plant Your Flag, Mark Your Territory ,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration , the IRS and others before crooks do it for you.

Passwords

Passwords Authentication Insurance Mining

DirtyMoe modules expand the bot using worm-like techniques

Security Affairs

MARCH 21, 2022

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The post DirtyMoe modules expand the bot using worm-like techniques appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Mining

Mining Passwords Risk IT

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

Security experts spotted a new botnet, tracked as KashmirBlack botnet, that likely infected hundreds of thousands of websites since November 2019. The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages.

CMS

CMS Mining Communications Security

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Webinars

Trending Sources

GUEST ESSAY: Tapping Bitcoin’s security — to put a stop to ‘51% attacks’ of cryptocurrency exchanges

Webinars

Pacha Group declares war to rival crypto mining hacking groups

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

New KryptoCibule Windows Trojan spreads via malicious torrents

Evolution of threat landscape for IoT devices – H1 2018

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

NY Charges First American Financial for Massive Data Leak

Weekly podcast: Australian Cabinet Files, Matt Hancock MP’s app and Monero mining

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

Security Affairs newsletter Round 312

Annual Protest Raises $250K to Cure Krebs

PurpleFox malware infected at least 2,000 computers in Ukraine

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Weekly podcast: 2018 end-of-year roundup

5 IoT Security Predictions for 2019

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

APT hacked a US municipal government via an unpatched Fortinet VPN

Annual Protest to ‘Fight Krebs’ Raises €150K+

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Why & Where You Should You Plant Your Flag

WatchBog cryptomining botnet now uses Pastebin for C2

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

Security Affairs newsletter Round 181 – News of the week

What are the future threats in cyber security?

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs newsletter Round 203 – News of the week

MyKings botnet operators already amassed at least $24 million

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

First American Financial Pays Farcical $500K Fine

New strain of Clipsa malware launches brute-force attacks on WordPress sites

New variant of Linux Botnet WatchBog adds BlueKeep scanner

E-Verify’s “SSN Lock” is Nothing of the Sort

DirtyMoe modules expand the bot using worm-like techniques

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Stay Connected