AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK

Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a…

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

Trend Micro – Trend Micro – Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify We looked into exploitation attempts we observed in the wild and the abuse of…

Cryptomining Malware Targets Alibaba ECS Instances

Alibaba ECS Instances (Elastic Computing Service) have become the hackers’ targets, as these are actively hijacking them for cryptomining malware deployment purposes. Cryptomining Malware Hijacks Alibaba ECS Instances: Details TrendMicro…

Cybercriminals Target Alibaba Cloud for Cryptomining, Malware

Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers. Cybercriminals are targeting Alibaba Elastic Computing Service (ECS) instances, disabling certain security features…

A Well-Known NPM Library Was Hijacked

User-Agent data is utilized by UA-Parser-JS in applications and webpages to determine the type of device or browser a user is using. A remote attacker might gain access to sensitive…

Over 25% of Malicious JavaScript Is Being Obfuscated, Research Shows

According to a new study of over 10,000 malicious JavaScript samples, over 25% of the samples analyzed use JavaScript obfuscation methods to prevent detection and analysis. What Is Obfuscation? Obfuscation…

Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One

Trend Micro – Trend Micro – A more detailed explanation of this chain and the specific techniques observed in this campaign can be found in our tech brief. We used…

FreakOut Botnet Turns DVRs Into Monero Cryptominers

The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. Threat group FreakOut’s Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero…

Crypto-mining Malware Targets Huawei Cloud

Cloud service providers, like, for instance, Huawei Cloud, are now targeted by some new variant of a past crypto-mining malware. This is Linux-based and its initial version started its activities…

Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage

Trend Micro – Trend Micro – Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage Exploits & Vulnerabilities Recently, we discovered that the cryptomining trojan z0Miner has been taking…