New ‘Hadooken’ Linux Malware Targets WebLogic Servers

September 13, 2024 at 08:03AM A new Linux malware named Hadooken targets Oracle WebLogic servers to install additional malware and extract credentials. It is deployed through attacks exploiting weak passwords, then downloads shell and Python scripts to ensure successful execution. Hadooken drops a cryptominer and Tsunami malware, and creates cronjobs for persistence. Other ransomware families’ …

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

September 13, 2024 at 02:30AM Cybersecurity researchers have discovered a new malware campaign targeting Linux environments to illicitly mine cryptocurrency, focusing on the Oracle WebLogic server. The malware, named Hadooken, deploys a crypto miner and a DDoS botnet, exploiting vulnerabilities and misconfigurations to spread across connected environments. The campaign is linked to hosting companies in …

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

August 22, 2024 at 12:48AM Cybersecurity researchers have discovered a new malware, PG_MEM, targeting PostgreSQL databases. The malware mines cryptocurrency by brute-forcing its way into the databases and exploiting weak passwords. It subsequently deploys malicious activities and a cryptocurrency miner. The attack underscores the risks of misconfigured and weakly protected internet-facing databases. Key Takeaways from …

AWS Patches Vulnerabilities Potentially Allowing Account Takeovers

August 8, 2024 at 06:30AM AWS recently addressed potentially critical vulnerabilities, including flaws that could have allowed attackers to take over accounts, disclosed by Aqua Security at Black Hat. The security holes could have enabled arbitrary code execution, account control, data exposure, DoS attacks, data exfiltration, and AI model manipulation in AWS services such as …

RSA Conference 2024 – Announcements Summary (Day 4)

May 10, 2024 at 06:16AM The 2024 RSA Conference in San Francisco saw numerous companies presenting their products and services. SecurityWeek offered a daily digest summarizing significant announcements made by vendors throughout the event, including new product releases, partnership announcements, and reports. Additionally, companies like Aqua Security, Censys, and CrowdStrike revealed various security solutions and …

Aqua Security Scores $60M Series E Funding

January 3, 2024 at 03:59PM Aqua Security, a cloud native security platform company, has secured a $60 million extended Series E funding round, valuing the firm at over $1 billion. Led by Evolution Equity Partners, it saw participation from Insight Partners, Lightspeed Venture Partners, and StepStone Group. Aqua Security offers technology to enhance security for …

‘HeadCrab’ Malware Variants Commandeer Thousands of Servers

December 7, 2023 at 01:57PM A new version of HeadCrab malware targets Redis servers for cryptomining and further attacks, with over 1,100 additional infections reported by Aqua Security. The malware now has enhanced ability to hide its presence, and its sole user, Ice9, has interacted with researchers via a built-in “mini blog.” Security enhancements in …

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 

November 6, 2023 at 09:00AM A serious privilege escalation vulnerability, known as CVE-2023-4911 or Looney Tunables, has been exploited by the Kinsing threat group. The group, known for its cryptojacking operations, has targeted major Linux distributions. They have also started collecting new types of information, indicating a potential shift in their activities. Security firm Aqua …