Kartwheel News

Cyber stories

Tag: CVE-2014-3120

Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in February 2019

Conclusion Continuing the trend from January, threat actors in February delivered crypto-miners and Mirai variants. Most of the vulnerabilities exploited in February are not new, however, they are known vulnerabilities in popular applications and systems. In these cases, a threat actor is not looking for a specific target, but instead tries to exploit as many…

Read More

“CryptoSink” Campaign Deploys a New Miner Malware

Recently, threat researchers from F5 Networks spotted a new campaign targeting Elasticsearch systems. It leverages an exploit from 2014 to spread several new malwares designed to deploy an XMR (Monero) mining operation. The campaign exploits a five-year-old vulnerability (CVE-2014-3120) in Elasticsearch systems running on both Windows and Linux platforms to mine XMR cryptocurrency. On Linux,…

Read More

Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in June 2019

Cryptominers are frequently included in recent attack campaigns; if you would like to learn more about cryptominers, please check out some of our previous monthly attack campaign wrap-ups. Conclusion Campaigns aimed at mining cryptocurrency and targeting Oracle WebLogic continue to rise in popularity. This has been fueled in part by the zero-day vulnerability found in…

Read More

Recent Posts

Recent Comments

No comments to show.