Security News
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. Selenium Grid is open-source and enables developers to automate testing across multiple machines and browsers.
Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software. The researchers say that during the attacks the hackers collect information about the system, install backdoors and various other types of malware.
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was allegedly identified by tracing what has been believed to be untraceable Monero transactions. Finnish investigators from the National Bureau of Investigation, with the help of Binance, followed the trail of payments to Kivimäki, who exchanged the funds for Monero and then exchanged them back to Bitcoin.
It's the latest in a string of unusual wallet-draining attacks that began in April The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the...
New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that mines for Monero cryptocurrency. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers," the researchers said.
Monero, the privacy-oriented decentralized cryptocurrency project, underwent a planned hard fork event on Saturday, introducing new features to boost its privacy and security. Completed at block 2,688,888, the hard fork now features a larger ring size, an improved 'Bulletproofs' algorithm for faster transactions, a revamped multisig mechanism, and performance upgrades that reduce wallet sync times by 30-40%. This upgrade is a hard fork sitting on 0.18 'Fluorine Fermi', so the new version isn't backward compatible with older ones.
The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft. The strain, which Microsoft's Security Intelligence team calls Sysrv-K, scans the internet for web servers that have security holes, such as path traversal, remote file disclosure, and arbitrary file download bugs, that can be exploited to infect the machines.
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. From LDAP to RMI. Most attacks targeting the Log4j "Log4Shell" vulnerability have been through the LDAP service.
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. From LDAP to RMI. Most attacks targeting the Log4j "Log4Shell" vulnerability have been through the LDAP service.
Threat group FreakOut's Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner. Juniper Threat Labs researchers have issued a report detailing new activities from FreakOut, also known as Necro Python and Python.