P2PInfect botnet targets Redis servers with new ransomware module

June 25, 2024 at 06:08AM P2PInfect, initially a dormant malware botnet, has become active, deploying ransomware and a cryptominer on Redis servers. Cado Security reports conflicting evidence about its motives and identifies new features such as cron-based persistence mechanisms and SSH lockout. The malware also targets 32-bit MIPS processors. It now poses a genuine threat …

Linux Malware Campaign Targets Misconfigured Cloud Servers

March 6, 2024 at 11:27AM Cado Security warns of a cryptojacking campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances with unique Golang payloads. Attackers use reverse shells, rootkits, and various scripts to exploit vulnerabilities. The extensive attack demonstrates the variety of techniques used to exploit cloud and Linux services, as well as keeping …

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

February 4, 2024 at 12:19PM Cybersecurity researchers have unearthed an advanced version of the HeadCrab malware, targeting Redis database servers worldwide. The threat actor behind it has doubled their infected servers, aiming to illicitly mine cryptocurrencies and execute malicious activities while evading detection. The evolving tactics underscore the urgency for enhanced security measures and vigilance …