Attackers Target Microsoft Accounts to Weaponize OAuth Apps

December 13, 2023 at 02:01PM Threat actors are exploiting weak authentication to abuse OAuth applications for cryptomining, phishing, and password spraying attacks, compromising user accounts for Microsoft services and exploiting OAuth applications with high privilege permissions. Mitigation includes implementing multifactor authentication and auditing apps and consented permissions. OAuth presents various risks and security researchers have …

Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing

December 13, 2023 at 06:24AM Microsoft warns of adversaries using OAuth applications to automate virtual machine deployment for cryptocurrency mining and phishing attacks. Threat actors compromise user accounts to modify OAuth applications and maintain access to applications even if they lose access to accounts. Organizations are advised to enforce multi-factor authentication, conditional access policies, and …

Rootkit Turns Kubernetes From Orchestration to Subversion

November 22, 2023 at 11:26AM Kubernetes, a popular orchestration platform for containerized software environments, has become a target for attackers. While most attacks have focused on stealing cloud compute resources for cryptocurrency mining, security researchers warn that rootkit infections could give attackers greater control over Kubernetes clusters. These rootkits can hide malicious containers and perform …

DarkGate and PikaBot Malware Resurrect QakBot’s Tactics in New Phishing Attacks

November 20, 2023 at 10:12AM Phishing campaigns using DarkGate and PikaBot malware are utilizing tactics previously seen with QakBot trojan attacks. The malware families have similarities in distribution methods and behaviors to QakBot. DarkGate has advanced evasion techniques and remote control capabilities, while PikaBot can deliver additional payloads. The attacks target various sectors, spreading through …

‘BlazeStealer’ Python Malware Allows Complete Takeover of Developer Machines

November 9, 2023 at 06:16PM Malicious Python packages masquerading as code obfuscation tools are targeting developers through the PyPI code repository. Known as “BlazeStealer,” the malware can steal data, launch keyloggers, encrypt files, and execute commands. Hackers target developers engaged in code obfuscation due to the valuable and sensitive information they work with. BlazeStealer is …

Hackers exploit Looney Tunables Linux bug, steal cloud creds

November 6, 2023 at 03:26PM The Kinsing malware operators are targeting vulnerable cloud environments using a Linux security issue known as “Looney Tunables” (CVE-2023-4911). The malware exploits this vulnerability to gain root privileges on compromised systems. Kinsing is known for breaching cloud-based systems and deploying cryptomining software. Recent attacks have targeted Kubernetes clusters through misconfigured …

Jupyter Notebook Ripe for Cloud Credential Theft, Researchers Warn

October 18, 2023 at 06:04AM Researchers have discovered a Tunisian hacker using Jupyter Notebook and malware to engage in cryptomining and compromise cloud systems. The incident highlights the importance of prioritizing cloud security as advanced productivity tools are increasingly adopted. Jupyter Notebook is an open-source platform for creating notebook documents that is used in data …