Tag: CVE-2014-3120
Conclusion Continuing the trend from January, threat actors in February delivered crypto-miners and Mirai variants. Most of the vulnerabilities exploited in February are not new, however, they are known vulnerabilities in popular applications and systems. In these cases, a threat actor is not looking for a specific target, but instead tries to exploit as many…
Read MoreRecently, threat researchers from F5 Networks spotted a new campaign targeting Elasticsearch systems. It leverages an exploit from 2014 to spread several new malwares designed to deploy an XMR (Monero) mining operation. The campaign exploits a five-year-old vulnerability (CVE-2014-3120) in Elasticsearch systems running on both Windows and Linux platforms to mine XMR cryptocurrency. On Linux,…
Read MoreCryptominers are frequently included in recent attack campaigns; if you would like to learn more about cryptominers, please check out some of our previous monthly attack campaign wrap-ups. Conclusion Campaigns aimed at mining cryptocurrency and targeting Oracle WebLogic continue to rise in popularity. This has been fueled in part by the zero-day vulnerability found in…
Read MoreRecent Posts
- Eight Key Takeaways From Kyndryl’s First Investor Day
- QNAP pulls buggy QTS firmware causing widespread NAS issues
- N-able Exec: ‘Cybersecurity And Compliance Are A Team Sport’
- Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
- Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs