Server Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Financially motivated hacking groups are increasingly exploiting newly disclosed vulnerabilities to deploy custom malware on public-facing servers. The threat actors are known as Magnet Goblin, and they have been quick to leverage one-day flaws, vulnerabilities for which a patch has been released but not yet applied by the target, to carry out their attacks.
A new variant of Bifrost, a remote access Trojan (RAT), has been observed attacking Linux servers. The new variant, dubbed Bifrose, employs a deceptive domain name to evade detection.
A new malware dubbed “Migo” that is targeting Linux Redis servers to mine cryptocurrency via a cryptojacking attack has been discovered. This campaign employs many Redis system-weakening commands to potentially disable data store security features that could hinder their initial attempts at access.
Over the last year, a new botnet slowly grew by brute-forcing SSH passwords and installing cryptomining malware onto Linux servers. The main client of the botnet is based on an old Mirai virus whose source code was available for many years. However, researchers have seen that the same group has also used the more recent P2PInfect malware, which exploits Redis instances.
It's no secret that cryptocurrencies are a valuable target for hackers. Bitcoin, Ethereum, and Litecoin are all coins worth stealing, and hackers have been working hard to get their hands on them.