Crooks exploit exposed Docker APIs to build AESDDoS botnet

Security Affairs

“In this new attack, the threat actor first externally scans a given IP range by sending a TCP SYN packet to port 2375, the default port used for communicating with the Docker daemon.” “The output of this command is saved into a file named ips.txt, which is then fed into the Docker.exe file.”

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

This directory contains the crypto mining module named kswapd0. In this folder, the first one to be executed is the file “a”. The script looks like the following: Figure 5: Content of the “a” file. The executed crypto miner is the file named “kswapd0”, based on the famous XMRIG Monero crypto miner.

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

Prometei is a crypto-mining botnet that recently appeared in the threat landscape; it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Gab Has Been Breached

Troy Hunt

Most organisations begin with "we take the security of your data seriously", layer on lawyer speak, talk about credit cards not being exposed and then promise to provide further updates as they come to hand. This (almost always) identifies you, it's literally how people communicate with *you*! Gab's approach. Coincidence?
