Cryptominers Snuck Logic Bomb Into Python Packages

Malware can show up where you least expect it. Researchers discovered a logic bomb attack in the Python Package Index (PyPI) repository, which is code repository for Python developers and part of the software supply chain. Attackers aimed to get honest software developers to include the bombs in their applications by accident.  The researchers found […]

The post Cryptominers Snuck Logic Bomb Into Python Packages appeared first on Security Intelligence.

Continue reading Cryptominers Snuck Logic Bomb Into Python Packages

A Fly on ShellBot’s Wall: The Risk of Publicly Available Cryptocurrency Miners

IBM Security X-Force researchers studied the botnet activity of a malware variant that is used by cyber crime groups to illegally mine cryptocurrency. Examining two ShellBot botnets that appeared in attacks honeypots caught, the X-Force team was able to infect its own devices and become part of the live botnets, thereby gaining insight into how […]

The post A Fly on ShellBot’s Wall: The Risk of Publicly Available Cryptocurrency Miners appeared first on Security Intelligence.

Continue reading A Fly on ShellBot’s Wall: The Risk of Publicly Available Cryptocurrency Miners

Securing Your Cloud Transformation Journey

Cloud computing introduced a paradigm shift in how companies operated, maintained and spent on IT. Through its varied service models (IaaS, PaaS and SaaS), it offers companies the ability to spin up their infrastructure in minutes, auto scale on demand, pay only as per use and offset significant IT costs spent on running and maintaining […]

The post Securing Your Cloud Transformation Journey appeared first on Security Intelligence.

Continue reading Securing Your Cloud Transformation Journey

Under Attack: How Threat Actors are Exploiting SOCKS Proxies

From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise, but can also be exploited by cybercriminals for nefarious reasons. Take a look at how SOCKS proxies have been manipulated recently […]

The post Under Attack: How Threat Actors are Exploiting SOCKS Proxies appeared first on Security Intelligence.

Continue reading Under Attack: How Threat Actors are Exploiting SOCKS Proxies

Hold My Beer Mirai – Spinoff Named ‘LiquorBot’ Incorporates Cryptomining

The Mirai botnet that made headlines in 2016 for taking out infrastructure through large-scale network attacks has become a reference point in the security industry for the damage that large IoT botnets can inflict. Since its source code was published … Continue reading Hold My Beer Mirai – Spinoff Named ‘LiquorBot’ Incorporates Cryptomining

Hold My Beer Mirai – Spinoff Named ‘LiquorBot’ Incorporates Cryptomining

The Mirai botnet that made headlines in 2016 for taking out infrastructure through large-scale network attacks has become a reference point in the security industry for the damage that large IoT botnets can inflict. Since its source code was published … Continue reading Hold My Beer Mirai – Spinoff Named ‘LiquorBot’ Incorporates Cryptomining

A Year (and Decade) in Review: Key Takeaways From 2019 Cybersecurity Trends

As the year comes to a close, it’s worth looking back at 2019 cybersecurity trends, tactics and takeaways and the 2010s as a whole to help define the next decade of cyberdefense.

The post A Year (and Decade) in Review: Key Takeaways From 2019 Cybersecurity Trends appeared first on Security Intelligence.

Continue reading A Year (and Decade) in Review: Key Takeaways From 2019 Cybersecurity Trends

Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

Bitdefender researchers recently found and analyzed a worm-cryptominer combo that uses a series of exploits to move laterally and compromise victims. What makes it interest is that it pauses the resource-intensive cryptomining process if it finds popul… Continue reading Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

Mining cryptocurrency at work lands Australian civil servant in court

A 33-year-old man from Sydney, New South Wales, could be sentenced to up to 10 years in jail after allegedly hijacking computers at his workplace to mine cryptocurrency for him. He’s probably not the first person in the world to be tempted into t… Continue reading Mining cryptocurrency at work lands Australian civil servant in court

Credential Dumping Campaign Hits Multinational Corporations

X-Force researchers observed attackers targeting multinational corporations in various sectors using malicious scripts to automate attacks on misconfigured servers.

The post Credential Dumping Campaign Hits Multinational Corporations appeared first on Security Intelligence.

Continue reading Credential Dumping Campaign Hits Multinational Corporations