#VPS

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

by

September 19, 2024 at 10:30AM A recent report by Group-IB researchers reveals that the cryptojacking operation TeamTNT has reappeared, targeting Virtual Private Server infrastructures using CentOS. The attack involves SSH brute force, malicious script uploads, and deploying the Diamorphine rootkit for concealing processes and establishing remote access. TeamTNT, active since 2019, has unveiled a new … Read more

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

by

July 29, 2024 at 09:24AM An unknown threat actor exploited an email routing misconfiguration in Proofpoint’s defenses to send millions of spoofed emails. The campaign, named EchoSpoofing, began in January 2024 and utilized SMTP servers on virtual private servers, bypassing major security protections. The attacker sent messages impersonating legitimate domains, and the technique eluded detection. … Read more