Groups Target Alibaba ECS Instances for Cryptojacking

Cloud

We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero.

By: David Fiser, Alfredo Oliveira

November 15, 2021

It’s been known that threat actors are actively exploiting misconfigured Linux-powered servers, regardless of whether they run on-premises or in the cloud. The compromised devices are mostly used for cryptojacking purposes with the dominance of mining…


QAKBOT Loader Returns With New Techniques and Tools

Malware

QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware attacks. Our report shares some insight into the new techniques and tools this threat is using.

By: Ian Kenefick, Vladimir Kropotov

November 13, 2021

QAKBOT is a prevalent information-stealing malware that was first discovered…


This Week in Security News – November 12, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the prolific cybermercenaries, Void Balaur, and their recent attacks. Also, read on the 80-country agreement to mobilize safeguards against cyberattacks.

Read on:

Void Balaur and the Rise of the Cybermercenary Industry

One of the most prolific cybermercenaries is Void Balaur, a Russian-speaking threat actor group that…


Private 5G Security Risks in Manufacturing Part 4

Exploits & Vulnerabilities

We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry.

By: Yohei Ishihara

November 12, 2021

The option of Private 5G lets private companies and local governments have their own telecom infrastructures. However,…


TeamTNT Upgrades Arsenal Refines Focus on Kubernetes and GPU Environments

Using a new batch of campaign samples, we take a look at its more recent cybercrime contributions and compare them with its previous deployments to demonstrate the group’s use of upgraded tools and payloads.

By: David Fiser, Alfredo Oliveira

November 11, 2021

In previous entries, we described how the hacking group TeamTNT targeted unsecured Redis instances, exposed Docker APIs, and vulnerable Kubernetes clusters in order to deploy cryptocurrency-mining payloads and credential…
