command and control – Page 2

Magecart Credit-Card Skimmer Adds Telegram as C2 Channel

Posted on September 1, 2020 by Tara Seals

In a rare move, the encrypted messaging service is being used to send stolen payment-card data from websites back to cybercriminals. Continue reading Magecart Credit-Card Skimmer Adds Telegram as C2 Channel→

Doki Backdoor Infiltrates Docker Servers in the Cloud

Posted on July 30, 2020 by Tara Seals

The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet. Continue reading Doki Backdoor Infiltrates Docker Servers in the Cloud→

Self-Propagating Lucifer Malware Targets Windows Systems

Posted on June 24, 2020 by Lindsey O'Donnell

A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities. Continue reading Self-Propagating Lucifer Malware Targets Windows Systems→

Detecting the Impossible: Serverless C2 in the Cloud

Posted on July 10, 2019 by Gary Golomb

There are certain sophisticated threat behaviors that are generally considered “impossible” to detect on the network, which are both tedious and challenging for security teams to protect against. These include the use of encryption by attackers, filel… Continue reading Detecting the Impossible: Serverless C2 in the Cloud→

Anomaly in pen-test tool made malware servers visible

Posted on March 4, 2019 by John E Dunn

A security company was able to track command and control traffic generated by hacking groups thanks to an anomaly in a pen-testing tool. Continue reading Anomaly in pen-test tool made malware servers visible→

Massive botnet chews through 20,000 WordPress sites

Posted on December 10, 2018 by Danny Bradbury

Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords. Continue reading Massive botnet chews through 20,000 WordPress sites→

The MITRE ATT&CK Framework: Command and Control

Posted on October 2, 2018 by Travis Smith

Most malware these days has some level of Command and Control. This can be to exfiltrate data, tell the malware what instructions to execute next, or download encryption keys in the case of ransomware. In each case of command and control, the attacker … Continue reading The MITRE ATT&CK Framework: Command and Control→

Fbot Botnet Chases Down and Cleans Systems Infected with com.ufo.miner

Posted on September 18, 2018 by Milena Dimitrova

Quite the peculiar botnet was detected in the wild by Qihoo researchers. The botnet, dubbed Fbot and based on the code of Satori, appears to be “just going after and removing another botnet com.ufo.miner”. Fbot is displaying other forms of…. Continue reading Fbot Botnet Chases Down and Cleans Systems Infected with com.ufo.miner→

Critical Vulnerability Patched in Apache Struts

Posted on August 24, 2018 by Lucian Constantin

The Apache Struts web development framework has received new security updates to address a critical vulnerability that could allow attackers to compromise web applications and servers. Apache Struts is widely used for developing web applications in en… Continue reading Critical Vulnerability Patched in Apache Struts→