MUT-1244 targeting security researchers, red teamers, and threat actors

A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive …

Linux systems targeted with stealthy “Perfctl” cryptomining malware

Thousands of Linux systems are likely infected with the highly elusive and persistent “perfctl” (or “perfcc”) cryptomining malware and many others still could be at risk of getting compromised, Aqua Security researchers revealed…

New Linux Malware “Migo” Exploits Redis for Cryptojacking, Disables Security

By Deeba Ahmed
Migo Malware Campaign: User-Mode Rootkit Hides Cryptojacking on Linux Systems.
This is a post from HackRead.com.

Hacker Behind $2 Million Cryptocurrency Mining Scheme Arrested in Ukraine

Ukrainian authorities have arrested an individual allegedly involved in a $2 million cryptojacking operation.
The post Hacker Behind $2 Million Cryptocurrency Mining Scheme Arrested in Ukraine appeared first on SecurityWeek.

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220: Active since 2017, the 8220 gang has been known for deploying cryptocurrency mi…

Apache ActiveMQ bug exploited to deliver Kinsing malware

Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation: Apache ActiveMQ is a popular Java-based open source …

Looney Tunables bug exploited for cryptojacking

Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has…