Security News

Misconfigured Selenium Grid servers abused for Monero mining
2024-07-28 14:09

Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. Selenium Grid is open-source and enables developers to automate testing across multiple machines and browsers.

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining
2024-07-26 06:19

Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Selenium Grid, part of the Selenium automated testing framework, enables parallel execution of tests across multiple workloads, different browsers, and various browser versions.

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
2024-07-09 11:50

Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. Jenkins, a popular continuous integration and continuous delivery platform, features a Groovy script console that allows users to run arbitrary Groovy scripts within the Jenkins controller runtime.

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining
2024-06-28 11:59

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor...

New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
2024-06-18 09:41

Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included...

Australian mining company discloses breach after BianLian leaks data
2024-06-04 22:10

Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web. The firm is publicly traded on the Australian Securities Exchange under the ticker 'NTU,' so it is legally obliged to disclose any data breach incidents promptly.

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
2024-05-30 14:24

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the...

GhostEngine mining attacks kill EDR security using vulnerable drivers
2024-05-21 22:30

A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an XMRig miner. Researchers at Elastic Security Labs and Antiy have underlined the unusual sophistication of these crypto-mining attacks in separate reports and shared detection rules to help defenders identify and stop them.

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining
2024-03-27 10:39

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale...

Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining
2024-03-06 16:58

Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to...