The attack uses three files: a dropper script (bash or PowerShell), a Golang binary worm, and an XMRig Miner—all of which are hosted on the same command and control server.
While in 2020 organizations were focused on adapting existing technology to borderless and disconnected environments, we will see a massive shift to cloud-native solutions in 2021.
According to security experts, about one in 20 web servers could be vulnerable to cross-layer and DNS poisoning attacks due to a flaw in the Linux kernel. The flaw also affects millions of Android devices.
The European Medicines Agency (EMA) was recently targeted in a cyberattack, in which documents associated with vaccine development had been accessed.
GenRx Pharmacy, a Scottsdale, Arizona-based healthcare organization, has warned hundreds of thousands of patients over a potential data breach following a ransomware attack earlier this year.
“Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks,” the FBI said in a PSA published today.
Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as simply the next step in a gradual and predictable devolution.
The United States Treasury’s Financial Crime Enforcement Network (FinCEN) asked the financial sector to watch for and report evidence of COVID-19 vaccine fraud, ransomware and other scams.
Microsoft fixed a zero-day vulnerability in June, but the company did a poor job. Security researchers from Google’s Project Zero showed that attackers could still use the zero-day, despite the patch.
Yesterday, Wasabi users suddenly found that they could no longer access their storage buckets hosted on the wasabisys.com domain as one of its endpoints was used to host malware.