You searched for Drupalgeddon 2

Your search for Drupalgeddon 2 returned 7 results

Sort Results:

Relevant Recent

Cryptocurrency, Cybercrime, Malware, Security News

Make-A-Wish website compromised for cryptomining campaign

Bradley Barth

November 19, 2018

Not even the Make-A-Wish Foundation is off limits for some unscrupulous cybercriminals, as evidenced by a cryptojacking operation that compromised the charitable organization’s international website. Simon Kenin, security researcher at Trustwave, reported in a company blog post today that malicious actors injected a CoinImp browser-based cryptomining script that would harness the processing power of any…

Cryptocurrency

Cat burglar: Kitty cryptominer targets web application servers, then spreads to app users

Bradley Barth

May 3, 2018

Cat got your tongue? It also might be stealing your computer processing power, in order to mine Monero coins. According to researchers at Imperva, a newly uncovered, sophisticated cryptojacking malware nicknamed Kitty is attempting to infect web application servers by exploiting the recently discovered Drupalgeddon 2.0 remote code execution vulnerability that was patched last March.…

Cryptocurrency

Cryptomining campaign targeting web servers vulnerable to Drupalgeddon 2.0 nets $11,000

Bradley Barth

July 12, 2018

An ongoing malware campaign that attempts to exploit web servers susceptible to the Drupalgeddon 2.0 bug in order to infect them with an XMRig-based cryptominer has generated around $11,000 in profits since commencing last April and peaking on May 20.

Vulnerabilities

Drupal releases patch for a code-execution bug actively being exploited

Robert Abel

April 26, 2018

Drupal announced its third critical website bug found in the last month and has issued an unscheduled security update.

Cybercrime

Cryptojacking campaign hits 400 Drupal-based sites, many run by governments and universities

Bradley Barth

May 9, 2018

Nearly 400 websites running outdated and vulnerable versions of the Drupal content management system, many affiliated with governments and educational institutions, were recently discovered to be running cryptomining programs without their operators' knowledge.

Security News, Vulnerabilities

DirtyCOW is back in backdoor attack targeting Drupal Web Servers

Robert Abel

November 19, 2018

Threat actors are using the DirtyCOW bug to exploit a backdoor in Drupal Web Servers. Impreva researcher Nadav Avital spotted the attack on Oct. 31 exploiting the Drupalgeddon2 and DirtyCOW, bugs as well as system misconfigurations to persistently infect vulnerable Drupal web servers and take over user machines, according to a Nov. 19 blog post. Researchers noted this…

Reboot Leadership Awards 2019

Ben Herzberg – Imperva

September 23, 2019

Why Nominated: Under Ben Herzberg’s leadership, Imperva’s threat research team has uncovered key vulnerabilities in Facebook, Google Photos, Drupal and other online services and platforms. Profile: Herzberg and his Imperva research team are charged with identifying and evaluating software flaws that undermine application and data security. In November 2018, Imperva disclosed a significant Facebook vulnerability that…

Next post in Reboot Leadership Awards 2019

Active Filters

Your search for Drupalgeddon 2 returned 7 results

Sort Results:

Make-A-Wish website compromised for cryptomining campaign

Cat burglar: Kitty cryptominer targets web application servers, then spreads to app users

Cryptomining campaign targeting web servers vulnerable to Drupalgeddon 2.0 nets $11,000

Drupal releases patch for a code-execution bug actively being exploited

Cryptojacking campaign hits 400 Drupal-based sites, many run by governments and universities

DirtyCOW is back in backdoor attack targeting Drupal Web Servers

Ben Herzberg – Imperva

Alejandro Hernandez – IOActive