This past October, Apache issued a critical advisory addressing CVE-2023-46604, a vulnerability involving the deserialization of untrusted data in Apache. On 2 November, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2023-46604 to its known exploited list, KEV Catalog, indicating this vulnerability's high risk and impact. Fortiguard Labs also released an outbreak alert and a threat signal report about the active exploitation of CVE-2023-46604, providing more details and
cryptojacking (7)
"There's a sucker born every minute" is a phrase closely associated with PT Barnum, an American showman of the mid-19th century, although there is no evidence that he said it. Early examples of its use are among gamblers and confidence tricksters of the era. A previously undetected cryptocurrency scam has leveraged over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021.
This massive campaign has likely resulted in thousands of people being scamm
FortiGuard Labs discovered an ongoing threat campaign targeting YouTube viewers searching for pirated software earlier this month. Videos advertising downloads of “cracked” (aka pirated) software are uploaded by verified YouTube channels with a large number of subscribers. Victims are led to execute malicious binaries that install multiple malware into their systems focused on harvesting credentials, cryptojacking, and stealing cryptocurrency funds from wallets.
While investigating this campai
FortiGuard Labs has encountered new samples of the RapperBot campaign active since January 2023. RapperBot is a malware family primarily targeting IoT devices. It has been observed in the wild since June 2022. FortiGuard Labs reported on its previous campaigns in August 2022 and December 2022. Those campaigns focused on brute-forcing devices with weak or default SSH or Telnet credentials to expand the botnet’s footprint for launching Distributed Denial of Service (DDoS) attacks.
In this camp
Cyber threat investigators say do not let the ongoing "crypto winter" lull you into a false sense of cybersecurity. The phrase “crypto winter” likely came from the hit HBO series, “Game of Thrones.” In the series, the motto of the House of Stark was “Winter Is Coming.” It was considered a warning that lasting conflict could descend on the land of Westeros at any time. Similarly, an extended period of trouble may be settling over the crypto market. During this difficult time, you must remain
News broke on 5 July 2022 that the operators of AstraLocker Ransomware were shutting down in favor of pursuing a new cryptojacking campaign. The group shared decryptors with VirusTotal, and according to BleepingComputer the decryptors worked on test files that were recently encrypted by the ransomware. AstraLocker was born out of the Babuk ransomware family. In the Summer of 2021 Babuk ransomware group’s code was leaked and the similarities between the leaked code and AstraLocker’s code point
A new malware family is targeting Asian cloud service providers and using compromised resources to mine cryptocurrency. The malware, CoinStomp, makes use of Timestomping, Command and Control through reverse shells, removal of target system’s cryptographic policies, and references to a previous cryptojacking campaign, Xanthe.
Cryptojacking is the process of compromising machines and using their resources to mine for cryptocurrencies. This attack method has grown popular as an alternative to buil
