2015, Mining and Security - Information Management Today

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

MAY 10, 2020

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. “Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.”

Mining

Mining Libraries Access Encryption

Ngrok Mining Botnet

Security Affairs

SEPTEMBER 22, 2018

Specifically, it demonstrates a novel, dynamic and robust operational security model and the ability to detect and attack newly deployed and misconfigured infrastructure. Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware.

Mining

Mining Honeypots Security IT

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining

Mining File names Passwords Communications

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

AUGUST 23, 2019

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency. The security incident has happened in July at the South Ukraine Nuclear Power Plant at Yuzhnoukrainsk, in the south of the country. ” reported ZDnet. Pierluigi Paganini.

Mining

Mining Military Security Access

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Security Affairs

FEBRUARY 28, 2019

The popular in-browser cryptocurrency mining service Coinhive has announced that it will shut down on March 8, 2019. Security firms spotted several hacking campaigns aimed at compromising websites to install JavaScript-based Monero (XMR) cryptocurrency mining scripts and monetize their efforts. Pierluigi Paganini.

Mining

Mining Marketing Access Security

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. org is in this blacklist and it is known that Rocke Group has used this domain for their crypto-mining operations. ” continues the report. Pierluigi Paganini.

Mining

Mining Cloud Security IT

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

JULY 19, 2019

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media. Pierluigi Paganini.

Mining

Mining Cloud Archiving Sales

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. The WatchDog botnet has been active at least since Jan.

Mining

Mining Cloud Access Security

Google bans cryptocurrency mining apps from the official Play Store

Security Affairs

JULY 28, 2018

Google has updated the Play Store Developer Policy page to ban mobile mining apps that mine cryptocurrencies using the computational resources of the devices. “We don’t allow apps that mine cryptocurrency on devices,” reads the entry included in the policy. Securi ty Affairs – mining apps, Google).

Mining

Mining IT Security

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Mining

Mining Passwords Access Security

EVRAZ operations in North America disrupted by Ryuk ransomware

Security Affairs

MARCH 7, 2020

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. Pierluigi Paganini. SecurityAffairs – hacking, EVRAZ).

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Passwords

Passwords Data breaches Marketing IT

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs

AUGUST 11, 2018

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.

Mining

Mining Marketing IoT Compliance

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. The malware uses the victim’s resource to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments. Pierluigi Paganini.

Mining

Mining Communications IT Security

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs

AUGUST 18, 2020

Security researchers have discovered a new crypto-minining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. ” reads the report published by Cado Security.

Mining

Mining Security Access IT

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Security Affairs

FEBRUARY 24, 2021

Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”

Blockchain

Blockchain Mining Honeypots Security

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. You can mine them, if you have a powerful CPU. Bilogorskiy.

Mining

Mining Cloud Ransomware Passwords

Security Affairs newsletter Round 274

Security Affairs

JULY 26, 2020

Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. A new round of the weekly SecurityAffairs newsletter arrived!

Security

Security Mining Ransomware Phishing

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

Security Affairs

JULY 24, 2018

In an ideal world, all of the security controls are applied and all of the debugging tools are removed or disabled before the code is released to the public. ” These are very powerful functions for debugging tools, and also useful for executing malicious code without being trapped by the usual security controls.

Mining

Mining IoT Blockchain Risk

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].

Security

Security IoT Passwords Manufacturing

Previously undetected VictoryGate Botnet already infected 35,000 devices

Security Affairs

APRIL 27, 2020

The VictoryGate bot propagates via infected USB devices, it was designed to mine Monero abusing resourced of compromised devices, it is also able to deliver additional payloads. The security firm with the help of No-IP and the non-profit Shadowserver Foundation was able to take them all down. ” continues the analysis.

Mining

Mining Communications IT Security

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password.

Mining

Mining Libraries Cloud Communications

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

FEBRUARY 15, 2019

Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) into the Microsoft Store that were dropping cryptojacking Coinhive miners. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers.

Mining

Mining Libraries Analytics Security

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Security Affairs

SEPTEMBER 10, 2018

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. Thousands of unpatched devices are mining for cryptocurrency at the moment. Even if the vendor released a security fix that addresses the flaw in April, the number of not updated routers is still very high.

Mining

Mining IoT Libraries Security

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

JULY 29, 2020

The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “ Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. .” ” continues the report. Pierluigi Paganini.

Blockchain

Blockchain Mining Cloud Communications

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. In September thousands of unpatched MikroTik Routers were involved in new cryptocurrency mining campaigns. Pierluigi Paganini. Pierluigi Paganini.

Mining

Mining Systems administration Security Access

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs

JUNE 1, 2019

“The script then calls a Monero coin-mining binary, darwin (detected as PUA.Linux.XMRMiner.AA), to run in the background. As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.” ” continues the report.

Mining

Mining Honeypots Cloud Passwords

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

APRIL 30, 2020

— Microsoft Security Intelligence (@MsftSecIntel) April 28, 2020. ” reads the Tweet published by the Microsoft Security Intelligence team. . ” reads the Tweet published by the Microsoft Security Intelligence team. The in-memory DLL then injects a coin-mining code into notepad.exe through process hollowing.

Mining

Mining File names Risk Cybersecurity

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

APRIL 1, 2020

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet , tracked as Vollgar botnet , that is targeting MSSQL databases since 2018. Pierluigi Paganini. adrotate banner=”13″].

Mining

Mining Passwords Education Cybersecurity

Security Affairs newsletter Round 214 – News of the week

Security Affairs

MAY 19, 2019

The best news of the week with Security Affairs. If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” [link]. Security breach suffered by credit bureau Equifax has cost $1.4 Kindle Edition. Paper Copy.

Security

Security Mining Analytics Data breaches

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

Security experts spotted a new botnet, tracked as KashmirBlack botnet, that likely infected hundreds of thousands of websites since November 2019. The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages.

CMS

CMS Mining Communications Security

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. The regulation around IoT security was this year’s signal that the answer is, fortunately, no. Insights from VDOO’s leadership. 2019 will continue these trends but at a faster pace.

IoT

IoT Security Manufacturing Privacy

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

.” “While it is an inconvenience for them to be disconnected, it’s safer for the state as a whole due to the critical nature of this network for all of North Carolina’s Law Enforcement,” reads the security breach notification sent by email. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware IT Computer and Electronics Mining

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

OCTOBER 28, 2018

Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. Experts pointed out that a Docker Engine is not properly secured could be exposed to remote attack through Docker Engine API. Docker Trusted Registry ).

Mining

Mining Systems administration Encryption Authentication

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

OCTOBER 23, 2020

Security measures have been taken to limit the risk of propagation.” A few days before, EVRAZ , one of the world’s largest multinational vertically integrated steel making and mining companies, has been hit by the Ryuk ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Security Affairs

MAY 4, 2020

A few days ago, researchers from F-Secure disclosed a number of vulnerabilities in the “Salt” framework, including two issues that could be exploited by attackers to take over Salt installations. A few hours later another security incident was reported by the media, ZDNet reported that the Node.js-based Pierluigi Paganini.

Mining

Mining Authentication Ransomware Access

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

National Mining Office for Hydrocarbons & Geo-resources. Brian Dunn is a writer & researcher formally working as a content specialist for AnonHQ throughout 2015-2016. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Archiving Mining Education

Black Kingdom ransomware operators exploit Pulse VPN flaws

Security Affairs

JUNE 15, 2020

Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. Black Kingdom ransomware was first spotted in late February by security researcher GrujaRS. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability.

Ransomware

Ransomware Mining Encryption Access

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

The best news of the week with Security Affairs. Israel surveillance firm NSO group can mine data from major social media. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 223 – News of the week appeared first on Security Affairs. Paper Copy.

Security

Security Mining Ransomware Data collection

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. “Recently, 360 Total Security team intercepted a new worm PsMiner written in Go, which uses CVE-2018-1273, CVE-2017-10271, CVE-2015-1427, CVE-2014-3120 and other high-risk vulnerabilities ?

Mining

Mining Passwords Security Risk

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Mining

Mining Passwords IT Security

Security Affairs newsletter Round 203 – News of the week

Security Affairs

MARCH 3, 2019

The best news of the week with Security Affairs. CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 203 – News of the week appeared first on Security Affairs. Paper Copy.

Security

Security Mining Ransomware Paper

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos. Pierluigi Paganini.

Mining

Mining IT Security Information Security

Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters

Security Affairs

JUNE 11, 2020

Microsoft’s Azure Security Center (ASC) is warning of a hacking campaign that targets Kubeflow, a machine learning toolkit for Kubernetes. ” Hackers are targeting Kubernetes clusters because nodes used from ML operations have huge computational capabilies making them ideal for fraudulent mining purposes. Pierluigi Paganini.

Mining

Mining Access Security IT

Blue Mockingbird Monero-Mining campaign targets web apps

Ngrok Mining Botnet

Webinars

Trending Sources

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Webinars

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Pacha Group declares war to rival crypto mining hacking groups

Israel surveillance firm NSO group can mine data from major social media

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Google bans cryptocurrency mining apps from the official Play Store

New MrbMiner malware infected thousands of MSSQL DBs

EVRAZ operations in North America disrupted by Ryuk ransomware

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

New KryptoCibule Windows Trojan spreads via malicious torrents

TeamTNT is the first cryptomining bot that steals AWS credentials

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

Security Affairs newsletter Round 274

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Previously undetected VictoryGate Botnet already infected 35,000 devices

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Doki, an undetectable Linux backdoor targets Docker Servers

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Crooks spread malware via pirated movies during COVID-19 outbreak

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs newsletter Round 214 – News of the week

KashmirBlack, a new botnet in the threat landscape that rapidly grows

5 IoT Security Predictions for 2019

The City of Durham shut down its network after Ryuk Ransomware attack

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Sopra Steria hit by the Ryuk ransomware gang

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Black Kingdom ransomware operators exploit Pulse VPN flaws

Security Affairs newsletter Round 223 – News of the week

Modular Cryptojacking malware uses worm abilities to spread

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs newsletter Round 203 – News of the week

WatchBog cryptomining botnet now uses Pastebin for C2

Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters

Stay Connected