2014, Mining and Security - Information Management Today

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

MAY 10, 2020

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. “Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.”

Mining

Mining Libraries Access Encryption

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining

Mining File names Passwords Communications

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. You can mine them, if you have a powerful CPU. Bilogorskiy.

Mining

Mining Cloud Ransomware Passwords

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

AUGUST 23, 2019

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency. The security incident has happened in July at the South Ukraine Nuclear Power Plant at Yuzhnoukrainsk, in the south of the country. ” reported ZDnet. Pierluigi Paganini.

Mining

Mining Military Security Access

Ngrok Mining Botnet

Security Affairs

SEPTEMBER 22, 2018

Specifically, it demonstrates a novel, dynamic and robust operational security model and the ability to detect and attack newly deployed and misconfigured infrastructure. Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware.

Mining

Mining Honeypots Security IT

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Security Affairs

FEBRUARY 28, 2019

The popular in-browser cryptocurrency mining service Coinhive has announced that it will shut down on March 8, 2019. Security firms spotted several hacking campaigns aimed at compromising websites to install JavaScript-based Monero (XMR) cryptocurrency mining scripts and monetize their efforts. Pierluigi Paganini.

Mining

Mining Marketing Access Security

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. org is in this blacklist and it is known that Rocke Group has used this domain for their crypto-mining operations. ” continues the report. Pierluigi Paganini.

Mining

Mining Cloud Security IT

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

JULY 19, 2019

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media. Pierluigi Paganini.

Mining

Mining Cloud Archiving Sales

Google bans cryptocurrency mining apps from the official Play Store

Security Affairs

JULY 28, 2018

Google has updated the Play Store Developer Policy page to ban mobile mining apps that mine cryptocurrencies using the computational resources of the devices. “We don’t allow apps that mine cryptocurrency on devices,” reads the entry included in the policy. Securi ty Affairs – mining apps, Google).

Mining

Mining IT Security

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Mining

Mining Passwords Access Security

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. CVE-2014-3120 (Elasticsearch before 1.2) x before 1.4.3)

Mining

Mining Cloud Access Security

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs

AUGUST 11, 2018

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.

Mining

Mining Marketing IoT Compliance

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs

AUGUST 18, 2020

Security researchers have discovered a new crypto-minining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. ” reads the report published by Cado Security.

Mining

Mining Security Access IT

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies , which offers paying customers the ability to route their web traffic anonymously through compromised computers. The account didn’t resume posting on the forum until April 2014.

Passwords

Passwords Blockchain Mining Marketing

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. The malware uses the victim’s resource to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments. Pierluigi Paganini.

Mining

Mining Communications IT Security

Security Affairs newsletter Round 274

Security Affairs

JULY 26, 2020

Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Mining Ransomware Phishing

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

Security Affairs

JULY 24, 2018

In an ideal world, all of the security controls are applied and all of the debugging tools are removed or disabled before the code is released to the public. ” These are very powerful functions for debugging tools, and also useful for executing malicious code without being trapped by the usual security controls.

Mining

Mining IoT Blockchain Risk

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].

Security

Security IoT Passwords Manufacturing

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Security Affairs

JUNE 19, 2021

Experts attribute a series of cyber-espionage campaigns dating back to 2014, and focused on gathering military intelligence, to China-linked Unit 69010. Experts noticed that RedFoxtrot activity overlaps with groups tracked by other security firms as Temp.Trident and Nomad Panda. ” continues the report. Pierluigi Paganini.

Military

Military Mining Government Communications

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. In the days that followed, the DFS and U.S.

Insurance

Insurance Financial Services Mining Access

Security Affairs newsletter Round 264

Security Affairs

MAY 17, 2020

Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. A new round of the weekly SecurityAffairs newsletter arrived!

Security

Security Ransomware Mining Data breaches

Previously undetected VictoryGate Botnet already infected 35,000 devices

Security Affairs

APRIL 27, 2020

The VictoryGate bot propagates via infected USB devices, it was designed to mine Monero abusing resourced of compromised devices, it is also able to deliver additional payloads. The security firm with the help of No-IP and the non-profit Shadowserver Foundation was able to take them all down. ” continues the analysis.

Mining

Mining Communications IT Cybersecurity

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

JULY 29, 2020

The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “ Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. .” ” continues the report. Pierluigi Paganini.

Blockchain

Blockchain Mining Cloud Communications

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password.

Mining

Mining Libraries Cloud Communications

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Security Affairs

SEPTEMBER 10, 2018

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. Thousands of unpatched devices are mining for cryptocurrency at the moment. Even if the vendor released a security fix that addresses the flaw in April, the number of not updated routers is still very high.

Mining

Mining IoT Libraries Security

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

FEBRUARY 15, 2019

Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers.

Mining

Mining Libraries Analytics Security

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs

JUNE 1, 2019

“The script then calls a Monero coin-mining binary, darwin (detected as PUA.Linux.XMRMiner.AA), to run in the background. As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.” ” continues the report.

Mining

Mining Honeypots Cloud Passwords

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

The best news of the week with Security Affairs. Israel surveillance firm NSO group can mine data from major social media. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Kindle Edition. Paper Copy.

Security

Security Mining Ransomware Data collection

Security Affairs newsletter Round 203 – News of the week

Security Affairs

MARCH 3, 2019

The best news of the week with Security Affairs. CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Kindle Edition. Paper Copy. Once again thank you!

Security

Security Mining Ransomware Paper

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

APRIL 30, 2020

— Microsoft Security Intelligence (@MsftSecIntel) April 28, 2020. ” reads the Tweet published by the Microsoft Security Intelligence team. . ” reads the Tweet published by the Microsoft Security Intelligence team. The in-memory DLL then injects a coin-mining code into notepad.exe through process hollowing.

Mining

Mining File names Risk Cybersecurity

Security Affairs newsletter Round 228

Security Affairs

AUGUST 25, 2019

The best news of the week with Security Affairs. Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency. Hackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Once again thank you!

Security

Security Mining Data breaches Libraries

Security Affairs newsletter Round 214 – News of the week

Security Affairs

MAY 19, 2019

The best news of the week with Security Affairs. If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” [link]. Security breach suffered by credit bureau Equifax has cost $1.4 Kindle Edition. Paper Copy.

Security

Security Mining Analytics Data breaches

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. In September thousands of unpatched MikroTik Routers were involved in new cryptocurrency mining campaigns. Pierluigi Paganini. Pierluigi Paganini.

Mining

Mining Systems administration Security Access

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

OCTOBER 23, 2020

Security measures have been taken to limit the risk of propagation.” A few days before, EVRAZ , one of the world’s largest multinational vertically integrated steel making and mining companies, has been hit by the Ryuk ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Security Affairs

MAY 4, 2020

A few days ago, researchers from F-Secure disclosed a number of vulnerabilities in the “Salt” framework, including two issues that could be exploited by attackers to take over Salt installations. A few hours later another security incident was reported by the media, ZDNet reported that the Node.js-based Pierluigi Paganini.

Mining

Mining Authentication Ransomware Access

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Mining Communications IT

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

APRIL 1, 2020

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet , tracked as Vollgar botnet , that is targeting MSSQL databases since 2018. ” conclude the experts. Pierluigi Paganini.

Mining

Mining Passwords Education Cybersecurity

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

The best news of the week with Security Affairs. Ngrok Mining Botnet. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Newsletter ). A new round of the weekly SecurityAffairs newsletter arrived!

Computer and Electronics

Computer and Electronics Security Mining Data breaches

FTX Collapse Highlights the Cybersecurity Risks of Crypto

eSecurity Planet

NOVEMBER 18, 2022

Security Forensics Investigation. He has “worked around the clock” to secure assets, identify crypto on the blockchain , find records, and work with regulators and government authorities. There were no “appropriate” security controls with digital assets. Security is another issue with the industry. Securing Crypto.

Cybersecurity

Cybersecurity Risk Blockchain Mining

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. The regulation around IoT security was this year’s signal that the answer is, fortunately, no. Insights from VDOO’s leadership. 2019 will continue these trends but at a faster pace.

IoT

IoT Security Manufacturing Privacy

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

Security experts spotted a new botnet, tracked as KashmirBlack botnet, that likely infected hundreds of thousands of websites since November 2019. The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages.

CMS

CMS Mining Communications Security

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

.” “While it is an inconvenience for them to be disconnected, it’s safer for the state as a whole due to the critical nature of this network for all of North Carolina’s Law Enforcement,” reads the security breach notification sent by email. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware IT Computer and Electronics Mining

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

In an 8-K form filed with the Securities and Exchange Commission (SEC), the company has disclosed the ransomware attack that took place on October 22nd, 2020. A few days before, EVRAZ , one of the world’s largest multinational vertically integrated steel making and mining companies, has been hit by the Ryuk ransomware.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos. Pierluigi Paganini.

Mining

Mining IT Security Information Security

Blue Mockingbird Monero-Mining campaign targets web apps

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Trending Sources

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Ngrok Mining Botnet

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Pacha Group declares war to rival crypto mining hacking groups

Israel surveillance firm NSO group can mine data from major social media

Google bans cryptocurrency mining apps from the official Play Store

New MrbMiner malware infected thousands of MSSQL DBs

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

TeamTNT is the first cryptomining bot that steals AWS credentials

Who’s Behind the Botnet-Based Service BHProxies?

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs newsletter Round 274

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

NY Charges First American Financial for Massive Data Leak

Security Affairs newsletter Round 264

Previously undetected VictoryGate Botnet already infected 35,000 devices

Doki, an undetectable Linux backdoor targets Docker Servers

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs newsletter Round 223 – News of the week

Security Affairs newsletter Round 203 – News of the week

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs newsletter Round 228

Security Affairs newsletter Round 214 – News of the week

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Sopra Steria hit by the Ryuk ransomware gang

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

New HEH botnet wipes devices potentially bricking them

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs newsletter Round 181 – News of the week

FTX Collapse Highlights the Cybersecurity Risks of Crypto

5 IoT Security Predictions for 2019

KashmirBlack, a new botnet in the threat landscape that rapidly grows

The City of Durham shut down its network after Ryuk Ransomware attack

Steelcase office furniture giant hit by Ryuk ransomware attack

WatchBog cryptomining botnet now uses Pastebin for C2

Stay Connected