PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

Threatpost

The malware takes aim at PostgreSQL database servers with never-before-seen techniques.

Ngrok Mining Botnet

Security Affairs

Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware. I’ve been following the Monero mining pool address used in the Ngrok campaign and regularly checking for other research references on the internet. Firstly nearly all attacks observed were Crypto-mining attackers. Enumerate all processes and immediately kill any that meet a pre-defined kill list (other mining processes).

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

Don’t look now but cryptojacking may be about to metastasize into the scourge of cloud services. On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. You can mine them, if you have a powerful CPU. Or you can hijack other people’s computers to do the mining.

Hackers Hijacked Tesla's Cloud to Mine Cryptocurrency

WIRED Threat Level

The recent rash of cryptojacking attacks has hit a Tesla database that contained potentially sensitive information.

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group, wage war to compromise as much cloud-based infrastructure as possible. Researchers at Intezer Labs continued to monitor this cybercrime group and discovered that it is also targeting cloud-based environments and working to disrupt operations of other crypto-mining groups, such as the Rocke Group.

Announcing OpenText AI & Analytics Cloud Editions (CE) 20.2

OpenText Information Management

The current global pandemic is bringing new significance to the word “disruptive,” bringing extreme levels of uncertainty and testing the leadership and response of companies, public sector organizations and the …

Cryptojacking: Hackers Mining Bitcoin on Your Dime!

InfoGoTo

When cryptojacking, criminal hackers use enterprise computers to mine cryptocurrencies like bitcoin without the organization’s knowledge or consent, escaping the upfront costs of buying computers or computer processing power for the job. Worst of all, infections common in cloud environments can cost the business big bucks. Once inside the cloud, cryptojackers can initiate new workloads on virtually limitless resources, causing cloud usage bills to skyrocket.

Malicious Docker Cryptomining Images Rack Up 20M Downloads

Threatpost

Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers.

Self-Propagating Malware Targets Thousands of Docker Ports Per Day

Threatpost

A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media. “NSO’s products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure as listed and suggested in today’s FT article.”

Black-T Malware Emerges From Cryptojacker Group TeamTNT

Threatpost

Oracle WebLogic Exploit Used in Cryptocurrency Mining Campaign

Dark Reading

PeopleSoft and WebLogic app servers, as well as cloud systems using WebLogic, hacked and used to net some $226K in digital currency

Cryptomining DreamBus botnet targets Linux servers

Security Affairs

“These techniques include numerous modules that exploit implicit trust, weak passwords, and unauthenticated remote code execution (RCE) vulnerabilities in popular applications, including Secure Shell (SSH), IT administration tools, a variety of cloud-based applications, and databases.”

NEW TECH: Can MPC — Multi Party Computation — disrupt encryption, boost cloud commerce?

The Last Watchdog

But it has also proven to be a profound constraint on the full blossoming of cloud computing and the Internet of Things. And he explained how advanced encryption technologies, like MPC and homomorphic encryption, are on the cusp of enabling much higher use of the mountains of data hoarded in cloud storage by companies and governments. Right now cloud-stored data has to be downloaded and decrypted in order to conduct a search or do any sort of analytics.

Cryptojackers storm Sweden to gain edge in mining for riches

Information Management Resources

But experts warn that for enterprises, the virtual gold rush can put corporate networks at risk and inflate cloud central processing unit usage, adding cost.

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companies

The Last Watchdog

Its rise in popularity has helped drive a new trend for start-ups to go “Cloud Native,” erecting their entire infrastructure, from the ground up, leveraging cloud services like Amazon Web Services, Microsoft Azure and Google Cloud. Poor configuration of cloud services can translate into gaping vulnerabilities—and low hanging fruit for hackers, the recent Tesla hack being a prime example.

SpeakUp Linux Backdoor Sets Up for Major Attack

Threatpost

Armed with an impressive bag of exploits and other tricks for propagation, researchers believe the new trojan could be the catalyst for an upcoming, major cyber-offensive.

MY TAKE: Knowing these 5 concepts will protect you from illicit cryptocurrency mining

The Last Watchdog

The cryptocurrency craze rages on, and one unintended consequence is the dramatic rise of illicit cryptocurrency mining. Related podcast: How cryptomining malware is beginning to disrupt cloud services. So, quite naturally, malicious hackers are busying themselves inventing clever ways to leech computing power from unwitting victims — and directing these stolen computing cycles towards lining their pockets with freshly mined crypto cash. Cloud targets.

Singapore Man Charged in Large-Scale Cryptomining Scheme

Data Breach Today

Prosecutors Say Suspect Stole IDs and Cloud Resources to Mine Virtual Currencies A Singapore man allegedly ran a large-scale cryptocurrency mining scheme that involved using stolen identities to access Amazon and Google cloud computing resources, according to a 14-count U.S.

Paige Thompson Charged With Hacking 30 Organizations

Data Breach Today

Thompson charges her with stealing 100 million records from Capital One, stealing data from at least 29 other organizations, as well as using hacked cloud computing servers to mine for cryptocurrency Thompson Accused of Stealing Data on 100 Million Americans From Capital One A federal grand jury indictment against Seattle software engineer Paige A.

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

Palo Alto Networks warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. 27, 2019 and already mined at least 209 Monero (XMR), valued to be around $32,056 USD.

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

The new malware implements new and improved rootkit and worm capabilities and continues to target cloud applications by exploiting known vulnerabilities such as Oracle WebLogic (CVE-2017-10271) and Apache ActiveMQ (CVE-2016-3088) servers.

Cryptojacking Attack Found on Los Angeles Times Website

Threatpost

A security researcher found Coinhive code hidden on a Los Angeles Times’ webpage that was secretly using visitors’ devices to mine cryptocurrency.

30 Docker images downloaded 20M times in cryptojacking attacks

Security Affairs

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. “One of the easiest ways is cryptojacking – the illegal use of someone else’s computing resources to mine cryptocurrencies.

Artificial Intelligence: 6 Step Solution Decomposition Process

Bill Schmarzo - Dell EMC

Note: throughout this blog, when I use the term “artificial intelligence,” I mean that to include other advanced analytics such as deep learning, machine learning (supervised, unsupervised, reinforcement), data mining, predictive analytics, and statistics (see Figure 1). Moving to the cloud is not a business initiative. Bounty of potential data sources to be mined for actionable insights in support of the business initiative. It’s simple.

Massive Smominru Cryptocurrency Botnet Rakes In Millions

Threatpost

Researchers say Smominru threat actors are in control of 500,000 node botnet and earning $8,500 daily mining for Monero cryptocurrency.

Optimizing O365 Impossible Travel

Daymark

Cloud security is a constant concern for organizations of every size. The malicious actor located in Moscow who obtains this userID (likely an email of mine) and password then does a quick lookup on LinkedIn and finds that I work at Daymark.

With Google’s 2012 Zeitgeist, You Won’t Learn Much. Why?

John Battelle's Searchblog

Overall, given that it’s nearly impossible to avoid putting your data into someone’s cloud, I believe that Google is probably the best choice for any number of reasons. Imagine if Google took its massive search query database and worked with some of the leaders in the open data movement to mine true insights?

Analyze your Web Archives at Scale: The Archives Unleashed Cloud

Archive-It

You can check out the Archives Unleashed Cloud at [link] right now, or read on to find out why we’re so excited about it! The Archives Unleashed Cloud (AUK) is accordingly motivated by a desire to lower barriers to working with web archives at scale by providing a convenient, practical, and user-centered tool that takes the stress out of complicated coding scripts and the dreaded command line. The Archives Unleashed Cloud and Archive-It. Archives Unleashed Cloud: A Tour.

Google Has Announced Lending DocAI and Procurement DocAI

Document Imaging Report

What this means for the market I’ll leave for wiser heads than mine to opine on. Google has recently announced two vertical-specific solutions for their Document AI product platform: Lending DocAI. Procurement DocAI.

MY TAKE: Massive data breaches persist as agile software development fosters full-stack hacks

The Last Watchdog

Many of the high-profile breaches making headlines today are the by-product of hackers pounding away at Application Programming Interfaces (APIs) until they find a crease that gets them into the pathways of the data flowing between an individual user and myriad cloud-based resources. Whatever her motivation, when Thompson decided to exploit Capital One’s application and cloud security stack, she resorted to tried-and-true tactics used by ethical researchers, as well as by criminal hackers.

OLAP and Hadoop: The 4 Differences You Should Know

Perficient Data & Analytics

OLAP is a technology to perform multi-dimensional analytics like reporting and data mining. For transactions and data mining use OLAP. OLAP and Hadoop are not the same. It has been around since 1970. Hadoop is a technology to perform massive computation on large data. Around since 2002.

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

The ongoing Ngrok mining botnet campaign is targeting servers hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms.

Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

Security Affairs

“Most of the compromised nodes were from China and the US identified in the ISP (Internet Service Provider) list, which had Chinese and US-based providers as the highest hits, including some CSPs (Cloud Service Providers).”

Security Affairs newsletter Round 312

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Note to Self: Create Non-Exhaustive List of Competitors

Krebs on Security

Mine was learning that KrebsOnSecurity is listed as a restricted competitor by Gartner Inc. So when Gartner issues a public report forecasting that worldwide semiconductor revenue will fall, or that worldwide public cloud revenue will grow, those reports very often move markets.

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. “This attack stands out as yet another example of the growing threat to cloud native environments.

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs

“The script then calls a Monero coin-mining binary, darwin (detected as PUA.Linux.XMRMiner.AA), to run in the background. As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.” Researchers discovered that the repository contained nine images comprised of custom-made shells, Python scripts, configuration files, as well as Shodan and cryptocurrency-mining binaries.

Capital One Data Theft Impacts 106M People

Krebs on Security

Thompson on suspicion of downloading nearly 30 GB of Capital One credit application data from a rented cloud data server. The complaint doesn’t explicitly name the cloud hosting provider from which the Capital One credit data was taken, but it does say the accused’s resume states that she worked as a systems engineer at the provider between 2015 and 2016.