Cyware Daily Threat Intelligence March 12, 2018

Top Malware Reported in the Last 24 Hours
New Coinminer campaigns
Mining campaigns targeting Windows Server, Apache Solr, and Redis servers have been discovered. One of the campaigns, named RedisWannaMine, compromises servers by scanning for systems running outdated Redis versions that are vulnerable to the CVE-2017-9805 exploit. The second campaign exploits CVE-2017-12629 on unpatched Apache Solr servers.

APT15 using new malware
A cyber espionage group dubbed APT15 has been found using new malware to target an organization that provides services to the U.K. government. The group is also using the RoyalCli and RoyalDNS backdoors to infect systems.

Necurs botnet
Currently, Necurs is considered to be the world’s largest spam botnet. The botnet commonly uses spam emails with macro or JavaScript attachments to download malware from different locations. Necurs' recipient database includes email addresses that have been harvested online.


