Browsing tag

Linux Servers

Thousands Of Linux Servers Infected By Lilu (Lilocked) Ransomware

A new strain of ransomware named Lilocked or Lilu has affected thousands of Linux-based servers all over the world. The ransomware started infecting servers back in mid-July but in the last two weeks, the attacks have become more frequent. The very first case of Lilocked ransomware came to light when a user uploaded a ransomware […]

Linux servers and IoT devices, main targets of Shellbot botnet

Experts from a cybersecurity firm have discovered an IRC bot nicknamed Shellbot, built using Perl. Reports of specialists in digital forensics and cybersecurity from the International Institute of Cyber Security affirm that a new botnet has been discovered that attacks mainly Linux servers and vulnerable Internet of Things (IoT) devices. According to the […]

JShielder Automated Hardening Script for Linux Servers

JShielder is an open-source tool developed to help sysadmins and developers secure the Linux servers on which they will be deploying any web application or services. According to information security experts, this tool automates the process of installing all the necessary packages to host a web application and hardening a Linux server with little interaction from […]

Hackers exploit old vulnerability, to mine cryptocurrencies on Linux servers

The hackers who installed and ran a cryptocurrency mining operation on hacked Tesla AWS servers and Jenkins servers are now targeting servers running Linux and have so far generated more than $74,000 in Monero. The new campaign uses the legitimate, open-source XMRig cryptominer in conjunction with exploiting the old vulnerability CVE-2013-2618, which is found in […]

Cryptocurrency Miner Distributed via PHP Weathermap Vulnerability, Targets Linux Servers

Legitimate and large-scale cryptocurrency mining operations often invest in dedicated hardware and electric consumption to make a profit. This doesn’t escape the attention of cybercriminals: Malicious cryptocurrency mining was so pervasive last year that it was the most detected network event in devices connected to home routers. Through our incident response-related monitoring, we observed intrusion attempts whose indicators we’ve been able […]

Cybercriminals Exploit PHP Weathermap Vulnerability to Install Cryptocurrency Miner on Linux Servers

An active cryptocurrency mining campaign is targeting Linux servers via a PHP Weathermap vulnerability to deploy cryptocurrency mining malware. The campaign uses an outdated security flaw in “Network Weathermap” that allows a remote attacker to inject arbitrary code in the server. In the current campaign, cybercriminals deploy the XMRig miner as the final payload on the target server. […]

Raw sockets backdoor gives attackers complete control of some Linux servers

“Chaos” gives attackers, and follow-on attackers, full control over infected boxes. A stealthy backdoor undetected by antimalware providers is giving unknown attackers complete control over at least 100 Linux servers that appear to be used in business production environments, warn researchers. In a blog post published Wednesday, Montreal-based GoSecure claimed that a piece of malware dubbed “Chaos” […]

SambaCry Vulnerability used in Deploying Payloads Targeting IoT devices Particularly NAS

Attackers are using the SambaCry vulnerability to target older versions of Samba (3.5.0) to upload and execute a malicious payload. The SambaCry vulnerability (CVE-2017-7494) has similarities to the SMB vulnerability exploited by WannaCry. Security experts from TrendMicro detected the malware ELF_SHELLBIND.A, which is similar in functionality to SambaCry, and this is the first payload with SambaCry that doesn’t […]

Ransomware Found Targeting Linux Servers and Coding Repositories

Malware operators are taking aim at Web developers. A newly discovered ransomware is attacking Linux Web servers, taking aim at Web development environments used to host websites or code repositories. Russian antivirus maker Dr.Web came across this malware and said that the ransomware needs root privileges to work. Additionally, the company also says it does not […]