Go to listing page

Cyware Daily Threat Intelligence March 12, 2018

Cyware Daily Threat Intelligence March 12, 2018

Share Blog Post

Top Malware Reported in the Last 24 Hours
New Coinminer campaigns
Mining campaigns targeting Windows Server, Apache Solr, and Redis servers, have been discovered. One of the campaigns is named RedisWannaMine, and is being used to compromise servers by scanning for systems running outdated Redis versions that are vulnerable to the CVE-2017-9805 exploit. The second campaign exploits CVE-2017-12629 on unpatched Apache Solr servers.

APT15 using new malware
A cyber espionage group, dubbed APT15, is found using a new malware, targeting an organization that provides services to the U.K. government. The hacker group is also using RoyalCli and RoyalDNS backdoors in order to infect systems.

Necrus botnet
Currently, Necrus is considered to be the world’s largest spam botnet. The botnet commonly uses spam emails with macros or JavaScript attachments to download malware from different locations. Necurs' recipient database includes email addresses that have been harvested online.


Posted on: March 12, 2018

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.