Attacker hacked one Microsoft Exchange server to gain access to others
The tactic is sophisticated, with firewalls unlikely to block traffic between Exchange servers and potentially giving such traffic a pass in terms of content inspection.
About SC Media
Cryptocurrency
Digital artists meet scam artists, as criminals pounce on NFT craze
Criminals are standing up fraudulent NFT-themed websites that sell nonexistent items or phish users’ credentials.
New cryptominer botnet spreads payload, less intrusive
A new cryptocurrency-mining botnet attack called Prometei bypasses detection systems and monetizes its campaigns in less intrusive ways. It is the first time that anyone’s documented a multi-modular botnet, according to Talos, which discovered the botnet and dubbed it “Prometei.” The botnet, which has been active since March, spreads a payload to provide financial benefits…
Access Control, Cryptocurrency, Cybercrime, Insider Threats, Network Security, Security News, Web Services Security, E-Commerce Security
Twitter hack is a reminder of the dangers of unfettered employee access
Twitter’s acknowledgement that a “coordinated social engineering campaign” involving multiple employees was behind a hack of prominent verified accounts raises significant questions as to whether business organizations are implementing effective security controls that limit potential insider threats’ access to back-end administrative tools. The hacking incident — which promoted a cryptocurrency scam and victimized the accounts…
Docker attackers devise clever technique to avoid detection
In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they build their own malicious images on a targeted host instead of pulling preexisting ones from a public registry. This maneuver allows the adversaries to avoid static detection by scanners that are programmed to look for…
Cryptomining campaign targets Kubernetes via machine learning framework
A malware campaign is abusing the popular machine-learning (ML) framework Kubeflow in order to target Kubernetes clusters with a crypto miner, Microsoft’s Azure Security Center (ASC) warns. Tens of clusters running on the Kubernetes open-source container orchestration system have already been impacted, the ASC notes in a blog post published this week. “Nodes that are…
CoinMiner found in third-party Zoom download
The bad news for Zoom keeps coming rolling in with Trend Micro researchers finding CoinMiner being bundled with a legitimate installer of the video conferencing software. The good news is the installer, Zoom installer version 4.4.0.0, is not from the company’s official download center, but likely from a fraudulent third-party store, Trend Micro reported. However,…
Vivin’s low-end cryptomining campaign enters third year of activity
When it comes to cybercrime one does not necessarily have to be good to be successful as is being demonstrated by the cryptomining campaign Vivin. Cisco Talos first came across samples of Vivin’s activity in November 2019, but upon further research found this mining activity had been ongoing since at least 2017. The fact it…
Attackers distill essence of Mirai IoT botnet into LiquorBot malware
Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed LiquorBot, the botnet malware is written in Go programming language and seems to use the same command-and-control infrastructure as Mirai. Sometimes, attack campaigns have even paired both LiquorBot and Mirai together in malicious dropper scripts,…
Dexphot malware uses fileless techniques to install cryptominer
Microsoft Corporation yesterday revealed its discovery of a polymorphic malware that uses fileless techniques to execute a cryptomining program on victimized machines. Dubbed Dexphot, the malware was first observed in October 2018 when Microsoft detected a campaign that “attempted to deploy files that changed every 20 to 30 minutes on thousands of devices,” according to…
Want to read more?
Next post in Cryptocurrency
