2022 and Mining - Information Management Today

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The gap is being abused for malicious cryptocurrency mining.”

Mining

Mining File names Ransomware Cloud

Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack

Security Affairs

JANUARY 3, 2023

The Canadian Copper Mountain Mining Corporation (CMMC) was hit with a ransomware attack that impacted its operations. The Canadian Copper Mountain Mining Corporation (CMMC) announced to have suffered a ransomware attack late on December 27, 2022, which impacted its operation. . ” concludes the statement.

Mining

Mining Ransomware Data breaches Risk

Prometei botnet evolves and infected +10,000 systems since November 2022

Security Affairs

MARCH 11, 2023

A new version of the Prometei botnet has infected more than 10,000 systems worldwide since November 2022, experts warn. Cisco Talos researchers reported that the Prometei botnet has infected more than 10,000 systems worldwide since November 2022. Russia only accounted for 0.31 ” reads the report published by Talos.

Mining

Mining Communications Security IT

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Mining

Mining Paper Access Security

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Security Affairs

OCTOBER 4, 2023

action in network access logs presence of /setup/setupadministrator.action in an exception message in atlassian-confluence-security.log in the Confluence home directory In September 2022, threat actors were observed targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign.

Mining

Mining Access Authentication Cloud

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Security Affairs

MAY 14, 2023

Researchers from FortiGuard Labs first discovered the previously undetected RapperBot IoT botnet in August, and reported that it is active since mid-June 2022. Initially, they deployed and executed a separate Monero miner alongside the usual RapperBot binary, but starting from January 2023, they included the mining capabilities in the bot.

Mining

Mining IoT Passwords Authentication

Hackers stole $3 million worth of cryptocurrency from BTC.com

Security Affairs

DECEMBER 27, 2022

BTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the extraction of new Bitcoin coins. ” continues the press release.

Mining

Mining Security IT Information Security

Phishing Domains Tanked After Meta Sued Freenom

Krebs on Security

MAY 26, 2023

By the time Meta initially filed its lawsuit in December 2022 , Freenom was the source of well more than half of all new phishing domains coming from country-code top-level domains. Meta withdrew its December 2022 lawsuit and re-filed it in March 2023. The two parties settled the matter in April 2022.

Phishing

Phishing Mining IT

Norton Crypto, the controversial cryptomining feature of Norton 360

Security Affairs

JANUARY 7, 2022

Many users ignore that Norton 360 comes with a cryptomining feature, dubbed Norton Crypto, that could allow them to earn money mining Ethereum (ETH) cryptocurrency while the customer’s computer is idle. Norton keeps a 15% of the mined cryptocurrency. “ Will Norton 360 mine my device without my permission?

Mining

Mining Energy and Utilities Security IT

Russia-linked APT28 and crooks are still using the Moobot botnet

Security Affairs

MAY 3, 2024

” reported Trend Micro. “Apart from the EdgeRouter devices, we also found compromised Raspberry Pi and other internet-facing devices in the botnet. ” concludes the report.

Healthcare

Healthcare Phishing e-Discovery Mining

Cryptomining campaign targets Linux systems with Go-based CHAOS Malware

Security Affairs

DECEMBER 12, 2022

Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). Gather operating system information.

Mining

Mining Cloud Security IT

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. For example, there were four phone numbers on my Experian credit file: Only one of them was mine, and that one hasn’t been mine for ages. Her report also was replete with errors.

Security

Security Authentication Mining Cybersecurity

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

In 2022, the researchers detected within the WININIT.EXE process an older code that was associated with the NSA-linked Equation malware. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Further analysis revealed that the malware has been used since at least 2017.

Ransomware

Ransomware Mining Communications IT

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security

MARCH 7, 2022

On June 6, 2021, Conti underling “ Begemot ” pitched Stern on a scheme to rip off a bunch of people mining virtual currencies, by launching distributed denial-of-service (DDoS) attacks against a cryptocurrency mining pool. “I’m sorting it out and have already started writing code.” We start ddosing.

Ransomware

Ransomware Mining Blockchain Sales

Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign

Security Affairs

JUNE 15, 2022

Researchers discovered a new Golang-based peer-to-peer (P2P) botnet, dubbed Panchan, targeting Linux servers in the education sector since March 2022. Akamai security researchers discovered a new Golang-based P2P Botnet, tracked as Panchan, that is targeting Linux servers that has been active since March 2022.

Mining

Mining Education Authentication Security

Lemon_Duck cryptomining botnet targets Docker servers

Security Affairs

APRIL 22, 2022

The Lemon_Duck cryptomining botnet is targeting Docker servers to mine cryptocurrency on Linux systems. Crowdstrikes researchers reported that the Lemon_Duck cryptomining botnet is targeting Docker to mine cryptocurrency on Linux systems. “The “a.asp” file is the actual payload in this attack. ” concludes the report.

Mining

Mining Cloud Access Cybersecurity

Anonymous is working on a huge data dump that will blow Russia away

Security Affairs

MARCH 28, 2022

#RostProektLeak hacked by Anonymous Delete the *—— [link] @YourAnonRiots @YourAnonNews @YourAnonTV @AnonymousVideo pic.twitter.com/NoPRPmy18S — 0PS INFORMATION | WORLD HUMANITY | (@NewAnon0ps) March 27, 2022. link] — Anonymous (@LatestAnonPress) March 28, 2022. The hacktivists have leaked 2.4 But f**k, be ready.

Mining

Mining Manufacturing Government IT

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

The analysis of the infections from mid-June to mid-July 2022 revealed that most of the bots are located in Europe, specifically Italy. The Chaos malware supports more than 70 different commands, including executing propagation through the exploitation of pre-determined CVEs, launching DDoS attacks or starting crypto mining.

Mining

Mining Financial Services IT Security

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

2022 by Google researcher Luca Nagy. Collectively, the tens of thousands of systems infected with Glupteba on any given day feed into a number of major cybercriminal businesses: The botnet’s proprietors sell the credential data they steal, use the botnet to place disruptive ads on the infected computers, and mine cryptocurrencies.

Mining

Mining Access IoT Passwords

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Security Affairs

JUNE 3, 2022

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Mining

Mining Authentication Security Cybersecurity

Archive-It Partner News, December 2022

Archive-It

DECEMBER 21, 2022

Warmest wishes for the 2022 Holiday Season from our team to you and yours! Visualization presented at the Humanities and the Web: Introduction to Web Archive Data Analysis, November 14, 2022, Los Angeles Public Library. Community News. Humanities and the Web: Introduction to Web Archive Data Analysis Recap.

Archiving

Archiving IT Libraries Mining

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

Companies with an annual revenue of US$250,000 to US$999,999 report feeling less prepared to deal with cyber risks in 2023 (76%) than they did in 2022 (70%). Beazley manages seven Lloyd’s syndicates and, in 2022, underwrote gross premiums worldwide of $5,268.7m. Beazley plc (BEZ.L) All Lloyd’s syndicates are rated A by A.M.

Risk

Risk Insurance Energy and Utilities Marketing

Security Affairs newsletter Round 401 by Pierluigi Paganini

Security Affairs

JANUARY 8, 2023

rail and locomotive company Wabtec hit with Lockbit ransomware Synology fixes multiple critical vulnerabilities in its routers Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack BitRAT campaign relies on stolen sensitive bank data as a lure Does Volvo Cars suffer a new data breach?

Security

Security Ransomware Mining Data breaches

RSAC insights: How IABs — initial access brokers — help sustain, accelerate the ransomware plague

The Last Watchdog

JUNE 20, 2022

I had the chance at RSA Conference 2022 to visit with John Shier, senior security advisor at Sophos, a security software and hardware company. an operative who’s adept at, say, carrying out a crypto mining routine that saps processing power. Or the payload might be a data exfiltration routine — or a full-blown ransomware attack.

Access

Access Ransomware Digital transformation Sales

MaliBot Android Banking Trojan targets Spain and Italy

Security Affairs

JUNE 18, 2022

MaliBot disguises itself as a cryptocurrency mining app named “Mining X” or “The CryptoApp”, experts also observed the malicious code masqueraded as “MySocialSecurity” and “Chrome” apps. ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Mining

Mining Access Phishing Authentication

ZingoStealer crimeware released for free in the cybercrime ecosystem

Security Affairs

APRIL 15, 2022

The crimeware allows operators to steal information from infected systems and abuse its resources to mine Monero. In many cases, this includes the RedLine Stealer and an XMRig-based cryptocurrency mining malware that is internally referred to as “ZingoMiner.””

Mining

Mining Metadata Cybersecurity IT

Security Affairs newsletter Round 385

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Security

Security Mining Data breaches Encryption

Glupteba botnet is back after Google disrupted it in December 2021

Security Affairs

DECEMBER 19, 2022

The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers. The researchers observed a new campaign that started in June 2022 after the Google lawsuit and is still ongoing.

Blockchain

Blockchain IT Mining Security

Russian Infostealer Gangs Steal 50 Million Passwords

eSecurity Planet

NOVEMBER 29, 2022

“In 2022, info-stealing malware has grown into one of the most serious digital threats,” Group-IB noted in a statement. In 2022, while PayPal and Amazon remain key targets, theft of passwords for gaming services like Steam, Epic Games and Roblox has surged by almost 500 percent. Gaming Becomes a Target. Aurora Malware.

Passwords

Passwords Phishing Mining Marketing

Highly evasive cryptocurrency miner targets macOS

Security Affairs

FEBRUARY 24, 2023

The malicious code uses i2p to download malicious components and send mined currency to the attacker’s wallet. The researchers noticed similarities with other examples reported by Trend Micro in February 2022. This malware relies on the i2p (Invisible Internet Project) anonymization network for communication.

Mining

Mining Passwords Communications Security

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Dragos researchers were also able to recover the password using the exploit over Ethernet, significantly increasing the severity of the flaw, tracked as CVE-2022-2003. The CVE-2022-2003 was responsibly disclosed to Automation Direct and the vendor addressed it with the release of a firmware update.

Passwords

Passwords Mining IT Security

Anonymous and its affiliates continue to cause damage to Russia

Security Affairs

MARCH 2, 2022

AgainstTheWes #Ukraine pic.twitter.com/PJU5ClsGfr — ATW (@AgainstTheWest_) March 1, 2022. Ukraine #AgainstTheWest pic.twitter.com/ah0T46OsNn — ATW (@AgainstTheWest_) March 1, 2022. Breached by ATW & RF member : – ) #AgainstTheWest #Ukraine pic.twitter.com/AOhKZHtAq1 — ATW (@AgainstTheWest_) March 1, 2022.

IT

IT Manufacturing Mining Government

Clipminer Botnet already allowed operators to make at least $1.7 Million

Security Affairs

JUNE 3, 2022

The bot focuses on cryptocurrency mining and cryptocurrency theft via clipboard hijacking. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. million in illicit gains. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Mining

Mining Archiving Cybersecurity Security

Atlassian addresses a critical Jira authentication bypass flaw

Security Affairs

APRIL 24, 2022

Atlassian fixed a critical flaw in its Jira software, tracked as CVE-2022-0540 , that could be exploited to bypass authentication. Atlassian has addressed a critical vulnerability in its Jira Seraph software, tracked as CVE-2022-0540 (CVSS score 9.9), that can be exploited by an unauthenticated attacker to bypass authentication.

Authentication

Authentication Mining Cybersecurity Security

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Security Affairs

SEPTEMBER 22, 2022

” reads the post published by Zhu on September 11, 2022. Adds a new SSH key to the root user’s authorized_keys file Disables the iptables firewall Installs several hacking and scanning tools such as “masscan” Installs and runs the cryptocurrency mining application XMRig. SecurityAffairs – hacking, mining).

Mining

Mining Data structuring Business Services Encryption

Google obtained a temporary court order against CryptBot distributors

Security Affairs

APRIL 28, 2023

The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers.

Blockchain

Blockchain Mining Education IT

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

KmsdBot is an evasive Golang-based malware that was first detected by Akamai in November 2022, it infects systems via an SSH connection that uses weak login credentials. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks.

IoT

IoT Mining Manufacturing Education

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Also read: Best Antivirus Software of 2022. The 2022 SonicWall Cyber Threat Report found that all types of cyberattacks increased in 2021. million per incident, according to the World Economic Forum (WEF) Global Cybersecurity Outlook 2022 report, while IBM reports that the number is now $4.24 Cyberattack Statistics.

Ransomware

Ransomware Cybersecurity Phishing Encryption

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. Abdalla Khafagy’s LinkedIn profile says he was “global director of community” at Crypto.com for about a year ending in January 2022. The website BHProxies[.]com million from private investors.

Passwords

Passwords Blockchain Mining Marketing

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Krebs on Security

MARCH 26, 2024

“For some reason, PeopleDataLabs has three profiles that come up when you search for my info, and two of them are mine but one is an elementary school teacher from the midwest,” Patel said. Throughout 2022, a criminal hacking group known as LAPSUS$ used MFA bombing to great effect in intrusions at Cisco , Microsoft and Uber.

Passwords

Passwords Phishing Authentication Mining

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Security Affairs

MAY 4, 2022

” The technique to compromise Dockers containers is widely adopted by financially-motivated threat actors, like LemonDuck or TeamTNT to abuse their resources and mine cryptocurrencies. The experts noticed that the Docker images’ target lists overlap with domains shared by the Ukraine IT Army (UIA).

Honeypots

Honeypots Military Mining Government

Over 200 Apps on Play Store were distributing Facestealer info-stealer

Security Affairs

MAY 17, 2022

“As for the fake cryptocurrency miner apps, their operators not only try to profit from their victims by duping them into buying fake cloud-based cryptocurrency-mining services, but they also try to harvest private keys and other sensitive cryptocurrency-related information from users who are interested in what they offer.

Mining

Mining Cloud Cybersecurity Security

BitRAT campaign relies on stolen sensitive bank data as a lure

Security Affairs

JANUARY 3, 2023

Monero mining. ” The obfuscated BitRAT loader samples were hosted on a GitHub repository that was created in mid-November 2022. The RAT supports the following capabilities: Data exfiltration. Execution of payloads with bypasses. Keylogging. Webcam and microphone recording. Credential theft. The temp files are then deleted.”

Mining

Mining Phishing Access IT

New AlienFox toolkit harvests credentials for tens of cloud services

Security Affairs

MARCH 30, 2023

The researchers analyzed AlienFox versions 2 through 4, which date from February 2022 onward. “Opportunistic cloud attacks are no longer confined to cryptomining: AlienFox tools facilitate attacks on minimal services that lack the resources needed for mining. ” concludes the report.

Cloud

Cloud Mining Retail Sales

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack

Webinars

Trending Sources

Prometei botnet evolves and infected +10,000 systems since November 2022

Webinars

Experian Glitch Exposing Credit Files Lasted 47 Days

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Hackers stole $3 million worth of cryptocurrency from BTC.com

Phishing Domains Tanked After Meta Sued Freenom

Norton Crypto, the controversial cryptomining feature of Norton 360

Russia-linked APT28 and crooks are still using the Moobot botnet

Cryptomining campaign targets Linux systems with Go-based CHAOS Malware

Identity Thieves Bypassed Experian Security to View Credit Reports

StripedFly, a complex malware that infected one million devices without being noticed

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign

Lemon_Duck cryptomining botnet targets Docker servers

Anonymous is working on a huge data dump that will blow Russia away

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Archive-It Partner News, December 2022

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

Security Affairs newsletter Round 401 by Pierluigi Paganini

RSAC insights: How IABs — initial access brokers — help sustain, accelerate the ransomware plague

MaliBot Android Banking Trojan targets Spain and Italy

ZingoStealer crimeware released for free in the cybercrime ecosystem

Security Affairs newsletter Round 385

Glupteba botnet is back after Google disrupted it in December 2021

Russian Infostealer Gangs Steal 50 Million Passwords

Highly evasive cryptocurrency miner targets macOS

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Anonymous and its affiliates continue to cause damage to Russia

Clipminer Botnet already allowed operators to make at least $1.7 Million

Atlassian addresses a critical Jira authentication bypass flaw

Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Google obtained a temporary court order against CryptBot distributors

Updated Kmsdx botnet targets IoT devices

What is a Cyberattack? Types and Defenses

Who’s Behind the Botnet-Based Service BHProxies?

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Over 200 Apps on Play Store were distributing Facestealer info-stealer

BitRAT campaign relies on stolen sensitive bank data as a lure

New AlienFox toolkit harvests credentials for tens of cloud services

Stay Connected