Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. Each payload comes compiled with a standard list of commonly used Monero-mining domains alongside a Monero wallet address,” continues the analysis. “So

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. You can mine them, if you have a powerful CPU. Or you can hijack other people’s computers to do the mining. LW: I can’t really use my MacBook to mine Bitcoin, can I?

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries. The backdoor was used by attackers to inject mining code in Ruby projects using the malicious versions of the libraries.

Learning Journey – Apprentice Library Assistant

CILIP

Apprentice Library Assistant. Working in a library was always a goal of mine, but I was never quite sure how to get there. Assignments set by LMP and projects arising in the workplace equip me with both a broad and specialist insight into library provision.

Weekly podcast: Australian Cabinet Files, Matt Hancock MP’s app and Monero mining

IT Governance

Unfortunately, however, the BBC reports that there are a few “teething troubles […] with some users saying their privacy has been compromised after responding to an on-screen prompt asking for access to their photo library. The app then still […] accesses the photo library whether the user denies access or not.” Wait a moment – cryptocurrency mining?

Working Internationally for Libraries: How to write effective grant proposals

CILIP

Working Internationally for Libraries: How to write effective grant proposals. I had heard about the International Federation of Library Associations (IFLA) during my MSc, but I didn’t know much about the IFLA World Library and Information Congress (WLIC) till this conversation with a colleague who attends the Congress fairly regularly. We all know that libraries are facing tough financial times. e.g., follow CILIP and other Library Associations.

The Fenway Library Organization provides affordable digital preservation to its members

Preservica

Preservica’s Cloud Edition for Consortia delivers value of complete Preservica offering for budget-strapped Academic Libraries. Preservica, the market leader in SaaS-based active digital preservation, is pleased to announce that the Fenway Library Organization (FLO) has selected Preservica’s Cloud Edition for consortia to preserve and safeguard digital content for its members. The libraries will preserve archival materials that are part of the institutional memory.

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Security Affairs

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. Thousands of unpatched devices are mining for cryptocurrency at the moment. Earlier in August, experts uncovered a massive cryptojacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. The expert found 3,734 devices by querying Shodan for MikroTik routers running the mining tool, and the number is growing.

30 Docker images downloaded 20M times in cryptojacking attacks

Security Affairs

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. “One of the easiest ways is cryptojacking – the illegal use of someone else’s computing resources to mine cryptocurrencies.

TeamTNT group adds new detection evasion tool to its Linux miner

Security Affairs

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The “preloading” technique allows the system to load a custom shared library before other system libraries are loaded.

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

The malicious Monero (XMR) Coinhive cryptomining scripts were delivered leveraging Google’s legitimate Google Tag Manager (GTM) library. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers. The mining script then gets activated and begins using the majority of the computer’s CPU cycles to mine Monero for the operators.”

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. gopsutil – a process utility library, used for system and processes monitoring.

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

Security Affairs

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The malware deploys the XMRig mining tool to mine Monero cryptocurrency.

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

“LD_PRELOAD forces binaries to load specific libraries before others, allowing the preloaded libraries to override any function from any library. One of the ways to use LD_PRELOAD is to add the crafted library to /etc/ld.so.preload.”

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

The ongoing Ngrok mining botnet campaign is targeting servers hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms.

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

The Last Watchdog

The adware applications were linked together by the use of third-party Android libraries, which bypass the background service restrictions present in newer Android versions. However, our analysts were able to detect it because apps using these libraries waste the user’s battery and make the device slower. In this instance, the libraries kept displaying more and more ads, which does violate the Google Play Store rules.

Why is most of the 20th Century invisible to AI?

CILIP

ve read that only seven libraries have been taken to court in the UK. As chair of a university library committee, she has followed the current ebook pricing controversy and believes it is a symptom of a deeper problem. ‘They’re Here the text mining is used to hunt down references. ‘You

I Now Own the Coinhive Domain. Here's How I'm Fighting Cryptojacking and Doing Good Things with Content Security Policies.

Troy Hunt

I'll give you a perfect example of that last point: in Feb 2018 I wrote about The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries wherein someone had compromised a JS file on the Browsealoud service and injected the Coinhive script into it.

How to Keep Your WFH Employees Safe From new Cybersecurity Attacks

InfoGoTo

If yours doesn’t, Gizmo’s Freeware maintains an excellent library of free software curated by its community. A global pandemic is a gold mine for purveyors of phishing attacks, which are deceptive email messages that contain malicious links or attachments.

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

“I suspect it’s probably a derivative of other IoT crypto mining botnets,” Cashdollar told The Register. “The malware is uploaded as gzip compressed tarball archives of binaries, scripts, and libraries. The libraries reside under the directory c/lib. I thought it would be required to run the binaries in the tarball, but the binaries are compiled statically, so the libraries are extraneous.”

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

The malware also installs three other files, hhc.exe, hha.dll and chaes1.bin, researchers also observed the use of a cryptocurrency mining module.

Oracle critical patch advisory addresses 284 flaws, 33 critical

Security Affairs

The Commons FileUpload library is the default file upload mechanism in Struts 2, the CVE-2016-1000031 was discovered two years ago by experts at Tenable. The critical patch advisory for 2019 also fixed the CVE-2018-11776 vulnerability in the OCA’s Communications Policy Management Component, this issue was exploited in 2018 by threat actors to mine cryptocurrency.

MY TAKE: How blockchain technology came to seed the next great techno-industrial revolution

The Last Watchdog

Bitcoin mining, for instance, is a contest to solve a difficult cryptographic puzzle in order to earn the right to add the next block of validated ledger entries to the historical chain of ledger blocks. Launched in 2016, Hyperledger has begun incubating projects such as Hyperledger Ursa, which is intended to be a go-to, shared cryptographic library. “In

The Long Run of Shade Ransomware

Security Affairs

Shade connects to its C2 server using embedded TOR libraries and downloads additional modules, such as the aforementioned “CMSBrute” or the “ZCash miner” one. A quick review of the launching parameters shows interesting information: the type and the version of the mining client used by the attacker, a “NHEQ Miner” developed by Nicehash; the mining pool abused by the criminal; and the wallet ID (t1L9iBXyRgaYrQ5JSTSdstopV6pHtZ2Xdep).

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

This makes government networks even more vulnerable and hackers see them as a gold mine. If they can do that by stealing personally identifiable information or any of the other valuable things from a government institution, whether it’s a library or a court system, they’ll do just that.” In March 2018, the city of Atlanta fell victim to a ransomware attack that shut down its computer network. City agencies were unable to collect payment. Police departments had to handwrite reports.

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

“Simultaneous with its attacks, BlackSquid also downloads and executes two XMRig cryptocurrency-mining components. If the system checks for Nvidia and AMD video cards using WQL (WMI Query Language, where WMI stands for Windows Management Instrumentation), the malware downloads the second component into the system to mine for graphics processing unit (GPU) resource.”

Weekly podcast: Browsealoud cryptojacking, Bee Token phishing and Olympic attacks

IT Governance

This week, we discuss the use of cryptocurrency mining software on numerous government websites, a phishing scam that robbed Bee Token investors of $1 million and cyber attacks on the Pyeongchang Winter Olympics. I mentioned cyber criminals’ increasing use of cryptocurrency mining or ‘cryptomining’ software a couple of weeks ago. However, using others’ machines to mine for cryptocurrency without their knowledge indubitably constitutes malicious and illegal activity.

Hundreds of thousands MikroTik Routers involved in massive Coinhive cryptomining campaign

Security Affairs

Experts uncovered a massive cryptojacking campaign that is targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. Security experts have uncovered a massive cryptojacking campaign that is targeting MikroTik routers, the hackers aim to change the configuration of the devices to inject a Coinhive cryptocurrency mining script in the users’ web traffic.

Twitter Hacking for Profit and the LoLs

Krebs on Security

“can u edit that comment out, @tankska is a gaming twitter of mine and i dont want it to be on ogu :D’,” lol wrote.

Into the Wild

Unwritten Record

Today, I’m highlighting series 22-DP: Photographs from the National Digital Library, ca. There are thousands more photos just like these that highlight the beauty of nature, and will surely pique your curiosity like they did mine.

How to write effective travel and study grant proposals

CILIP

I had heard about the International Federation of Library Associations (IFLA) during my MSc, but I didn’t know much about the IFLA World Library and Information Congress (WLIC) till this conversation with a colleague who attends the Congress fairly regularly.

Security Affairs newsletter Round 228

Security Affairs

A backdoor mechanism found in tens of Ruby libraries. Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency. A new round of the weekly newsletter arrived! The best news of the week with Security Affairs. Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you!

Interpol: Goldfish Alpha operation reduces cryptojacking by 78%

Security Affairs

The massive cryptojacking campaign was targeting MikroTik routers, the hackers aimed at changing the configuration of the devices to inject a Coinhive cryptocurrency mining script in the users’ web traffic.

The whole sector needs to work together

CILIP

THE choice was either to teach a procurement expert about libraries or to teach a librarian about procurement. so making that framework more appropriate to the library sector. One aim is to find flexibility and grow common ground between suppliers and university libraries.

Spotlight: Photographs Documenting the Civilian Conservation Corps (CCC)

Unwritten Record

In fact, photographs documenting CCC activities and companies are scattered throughout the United States and are housed within the collections of state libraries and archives, university libraries and archives, and within the collections of local historical societies.

Information Literacy and Records Management

Brandeis Records Manager

Info literacy has largely become the preserve of the library community, with a focus on teaching scholars and citizens to navigate and to differentiate the information that confronts us. Also, as I’ve suggested, fact denial and fake news—land mines under the librarian’s definition of info literacy—should be serious concerns for the RIM and IG professional communities as well, given our core principles of integrity and transparency. George Despres, CRM.

memcpy (and friends) with NULL pointers

Imperial Violet

Emphasis is mine.). says that passing a NULL pointer to a standard library function is undefined behaviour, therefore if dest was NULL any behaviour is reasonable. can be applied to any standard library function. It's clear that one has to write C code that's resilient to the compiler assuming that any pointers passed to standard library functions are non-NULL.

Welcome new Archive-It teammates

Archive-It

Ella Hitchcock is completing her Masters in Library and Information Sciences + Masters of Art from the University of Alberta. When she’s not furthering digitization efforts, she’s embroidering, playing a lot of Tetris, and data mining web archives that involve fan activity.

Preserving Modern Books

Archives Blogs

Preserving Modern and Contemporary Collections in Libraries and Archives “ It gave me a great excuse to pull together many of the modern items in our collections that pose particular preservation challenges. Your House is Mine. Usually when people think of preservation work in archives and special collections, the first thing that comes to mind is crumbling old letters and ancient volumes, but the reality is that modern materials can pose even greater preservation challenges.

Founders Online Celebrates Seventh Anniversary

Archives Blogs

Though I live in the Washington area and can get to the Library of Congress, working from home saves me two hours a day in commuting time…. Media, social and otherwise, mine the trove. Seven years ago, we launched Founders Online.
