Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. The WatchDog botnet has been active at least since Jan.

Mining 137

Mining Cloud Access Security 137

Security Affairs

FEBRUARY 21, 2024

A new malware campaign targets Redis servers to deploy the mining crypto miner Migo on compromised Linux hosts. Caro Security researchers have observed a new malware campaign targeting Redis servers with a crypto miner dubbed Migo. The attackers continue to improve their capability to exploit web-facing services.

Mining 98

Mining Honeypots Cloud Ransomware 98

Security Affairs

DECEMBER 12, 2022

Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT).

Mining 98

Mining Cloud Security IT 98

Security Affairs

JANUARY 10, 2022

Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December 2020. Experts linked the infrastructure used by the Abcbot DDoS botnet to the operations of a cryptocurrency-mining botnet that was uncovered in December 2020.

Mining 81

Mining Honeypots Cloud Security 81

Security Affairs

OCTOBER 4, 2023

” According to the advisory, the vulnerability doesn’t impact Atlassian Cloud sites. Trend Micro researchers warned of a crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 RCE vulnerability disclosed in early June 2022.

Mining 112

Mining Access Authentication Cloud 112

Security Affairs

MARCH 30, 2021

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining pool, by he estimated that threat actors mined US$200,000 worth of cryptocurrencies in a two-year period.

Mining 100

Mining Libraries Cloud Security 100

Security Affairs

NOVEMBER 4, 2023

Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments. Researchers are cloud security firm Aqua have observed threat actors exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables in attacks against cloud environments.

Cloud 92

Cloud Mining Access Security 92

Security Affairs

JULY 29, 2020

The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “ Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. It has been active for at least two years.”

Blockchain 133

Blockchain Mining Cloud Communications 133

Security Affairs

NOVEMBER 10, 2023

Threat actors relied on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools. In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing apps, and the cloud computing infrastructure Azure.

Mining 123

Mining Cloud IT Security 123

Security Affairs

SEPTEMBER 9, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. Researchers from Palo Alto Networks, that analyzed the same campaign , reported that the group is also using a cloud penetration testing toolset to target cloud-based apps that is named Peirates.

Mining 86

Mining IT Cloud Security 86

Security Affairs

NOVEMBER 22, 2023

Researchers from Aqua Nautilus spotted experimental incursions into cloud environments by Kinsing actors. Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP).” reads the analysis published by Aqua firm.

IT 90

IT Mining Cloud Cybersecurity 90

Security Affairs

APRIL 22, 2022

The Lemon_Duck cryptomining botnet is targeting Docker servers to mine cryptocurrency on Linux systems. Crowdstrikes researchers reported that the Lemon_Duck cryptomining botnet is targeting Docker to mine cryptocurrency on Linux systems. “The “a.asp” file is the actual payload in this attack. Kills known network connections.

Mining 81

Mining Cloud Access Cybersecurity 81

Security Affairs

JANUARY 25, 2021

. “These techniques include numerous modules that exploit implicit trust, weak passwords, and unauthenticated remote code execution (RCE) vulnerabilities in popular applications, including Secure Shell (SSH), IT administration tools, a variety of cloud-based applications, and databases.” Ransomware, data theft).

Mining 136

Mining Passwords Communications Ransomware 136

Security Affairs

MAY 26, 2021

. “Most of the compromised nodes were from China and the US identified in the ISP (Internet Service Provider) list, which had Chinese and US-based providers as the highest hits, including some CSPs (Cloud Service Providers).” The malware deploys the XMRig mining tool to mine Monero cryptocurrency. Pierluigi Paganini.

Mining 127

Mining Cloud Security Access 127

Security Affairs

JANUARY 31, 2021

The new malware implement new and improved rootkit and worm capabilities, it continues to target cloud applications by exploiting known vulnerabilities such as Oracle WebLogic ( CVE-2017-10271 ) and Apache ActiveMQ ( CVE-2016-3088 ) servers. “Pro-Ocean uses known vulnerabilities to target cloud applications.

Cloud 79

Cloud Libraries Mining IT 79

Thales Cloud Protection & Licensing

JUNE 27, 2022

From smart cities and digital IDs to open government and better governance, the Cloud, Big Data, IoT and Artificial Intelligence have enabled a wide range of digital government initiatives. Cloud adoption, essential for convenient services and efficient collaboration, is widespread and growing fast. Cloud Security.

Government 71

Government Risk Artificial Intelligence Big data 71

Security Affairs

JANUARY 9, 2023

Researchers at Microsoft Defender for Cloud observed threat actors behind the Kinsing cryptojacking operation using two methods to gain initial access in Kubernetes environments: exploitation of weakly configured PostgreSQL containers and exploiting vulnerable images.

Mining 87

Mining Authentication Access Passwords 87

Security Affairs

FEBRUARY 5, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that that botnet is also able to target misconfigured Kubernetes installations.

Mining 107

Mining Libraries Encryption Access 107

Security Affairs

JULY 16, 2022

The President of European Central Bank Christine Lagarde targeted by hackers Flaws in the ExpressLRS Protocol allow the takeover of drones Microsoft announced the general availability of Windows Autopatch feature Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM A fake job offer via LinkedIn allowed to steal $540M from Axie (..)

Security 89

Security Ransomware Mining Phishing 89

Security Affairs

AUGUST 28, 2023

The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. The bot targets private gaming servers, cloud hosting providers, and certain government and educational sites.

IoT 85

IoT Mining Manufacturing Education 85

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Security 79

Security Mining Data breaches Encryption 79

Security Affairs

DECEMBER 7, 2021

The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.

Blockchain 104

Blockchain Mining Cloud Access 104

Security Affairs

MAY 4, 2022

“Container and cloud-based resources are being abused to deploy disruptive tools. ” The technique to compromise Dockers containers is widely adopted by financially-motivated threat actors, like LemonDuck or TeamTNT to abuse their resources and mine cryptocurrencies. . ” reported Crowdstrike.

Honeypots 104

Honeypots Military Mining Government 104

Security Affairs

MAY 17, 2022

“As for the fake cryptocurrency miner apps, their operators not only try to profit from their victims by duping them into buying fake cloud-based cryptocurrency-mining services, but they also try to harvest private keys and other sensitive cryptocurrency-related information from users who are interested in what they offer.

Mining 85

Mining Cloud Cybersecurity Security 85

Security Affairs

AUGUST 29, 2019

All the victims used the same Cloud Computing Company, even if it was not specifically mentioned they used the services of Amazon Web Services (AWS). THOMPSON used this access not only to steal data, but also used stolen computer power to “mine” cryptocurrency for her own benefit, a practice known as “ cryptojacking.””

Mining 78

Mining Cloud Data breaches Access 78

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security 77

Security Data breaches Ransomware Artificial Intelligence 77

Security Affairs

OCTOBER 15, 2019

The cybercrime organization was first spotted in April 2018 by researchers at Cisco Talos, earlier 2019 researchers from Palo Alto Networks Unit42 found new malware samples used by the Rocke group for cryptojacking that uninstalls from Linux servers cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud.

Mining 61

Mining Cloud Security Access 61

Security Affairs

JULY 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security 63

Security Mining Phishing Ransomware 63

eSecurity Planet

APRIL 7, 2023

Virtual devices may be deployed locally or in the cloud. Pricing Forescout does not publish pricing information directly, but does publish a licensing sizing guide that covers hardware options and some software licensing. to stringent (quarantine assets, turn off switch port, block access, disable network card, etc.)

IoT 98

IoT Compliance Cloud Access 98

Security Affairs

MAY 2, 2021

Every week the best security articles from Security Affairs free for you in your email box.

Security 56

Security Mining Ransomware Military 56

The Last Watchdog

JANUARY 28, 2019

This variant of Xbash is equipped to quietly uninstall any one of five popular types of cloud security protection and monitoring products used on such servers. The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Targeting one device.

Privacy 196

Privacy Passwords Security Access 196

Security Affairs

SEPTEMBER 19, 2022

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and targets Docker installs. We are still assessing if these three attacks are a sign that they have resumed their campaigns against cloud native environments or not.” ” concludes the report. Pierluigi Paganini.

Encryption 91

Encryption Honeypots Mining Communications 91

Security Affairs

DECEMBER 2, 2020

This botnet is targeting cloud servers. An earlier version of the botnet, carrying only XMR Miner payload was investigated and reported by Patrick Olsen from AWAKE Security in September 2020. The Miner ELF binaries connect to the following mining proxy servers: 66.70.218.40:8080 Botnet Summary. read())’ If bash.givemexyz.in

Mining 94

Mining IoT Cloud IT 94

Security Affairs

APRIL 26, 2022

The phishing messages sent to the journalists contained a link to ZIP archives containing LNK files, both named ‘Kang Min-chol edits’ (Kang Min-chol is North Korea’s Minister of Mining Industries). The archive was hosted on the domain dailynk[.]us us which impersonates NK News (dailynk[.]com), ” continues the analysis.

Archiving 68

Archiving Phishing Mining Cybersecurity 68

ForAllSecure

AUGUST 18, 2021

It’s first directory, Chris Krebs, was fired by then-president Tump for saying that the 2020 election was the most secure election in history. Easterly first cleared up one of the biggest challenges facing information security today-- how to pronounce “CISA. Easterly was appointed by Congress a few weeks ago.

Cybersecurity 52

Cybersecurity Mining Military Education 52

Security Affairs

APRIL 4, 2021

If you want to receive the complete weekly Security Affairs Newsletter for free, including the international press, subscribe here.

Security 68

Security Ransomware Mining Authentication 68

IT Governance

FEBRUARY 14, 2019

Roberts continued: “We believe that a software change, as part of moving our services to the cloud, that was put in place on Tuesday pm was the cause of this issue. According to the BBC , the Information Commissioner’s Office confirmed that it had received a data breach notification from Mumsnet and “would be looking into the incident”.

Data breaches 75

Data breaches Authentication Passwords Data migration 75