Monthly Archives: April 2021

Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities

The recent Microsoft Exchange Server vulnerabilities might have initially been exploited by a government-backed APT group, but cybercriminals soon followed suit, using them to deliver ransomware and grow their botnet. One perpetrator of the latter activities is Prometei, a cross-platform (Windows, Linux), modular Monero-mining botnet that seems to have flown under the radar for years. The attackers’ modus operandi Cybereason incident responders have witnessed instances of the botnet enslaving endpoints of companies across the globe, … More ? The post Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities appeared first on Help Net Security .

Excerpt from:
Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities

DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency

Netscout announced findings from its bi-annual Threat Intelligence Report, punctuated by a record-setting 10,089,687 DDoS attacks observed during 2020. Cybercriminals exploited vulnerabilities exposed by massive internet usage shifts since many users were no longer protected by enterprise-grade security. Attackers paid particular attention to vital pandemic industries such as e-commerce, streaming services, online learning, and healthcare generating a 20% year-over-year increase in attack frequency over 2019 plus a 22% increase in the last six months of … More ? The post DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency appeared first on Help Net Security .

Read More:
DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency

Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines

Here’s an overview of some of last week’s most interesting news and articles: Attackers tried to insert backdoor into PHP source code The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. The growing threat to CI/CD pipelines By hardening CI/CD pipelines and addressing security early in the development process, developers can deliver software faster and more securely. DDoS attacks in 2021: What to … More ? The post Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines appeared first on Help Net Security .

Continued here:
Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines