Ransomware attacks skyrocketed in H1 2021

In the first half (H1) of 2021, ransomware attacks skyrocketed, eclipsing the entire volume for 2020 in only six months, according to the mid-year update to the SonicWall report. In a new paradigm for cybercrime, SonicWall is analyzing how threat actors are using any means possible to further their malicious intents. Ransomware attacks volume reaching […]

Continue Reading

Nagios XI Servers: Seems to be Turning Into Cryptocurrency Miners for Attackers

  Nagios XI is a popular enterprise server and network monitoring solutions. The feature “Configuration Wizard: Windows Management Instrumentation (WMI)” is being exploited in Nagios XI.  On March 16, 2021, Unit 42 researchers observed an attacker targeting Nagios XI software to exploit the vulnerability CVE-2021-25296, a remote command injection vulnerability impacting Nagios XI version 5.7.5, […]

Continue Reading

Threat actors thriving on the fear and uncertainty of remote workforces

The pandemic’s work-from-home reality resulted in an unprecedented change for organizations as they fought to defend exponentially greater attack surfaces from cybercriminals armed with powerful cloud-based tools, cloud storage and endless targets. As working environments evolved, so did the methods of threat actors and other motivated perpetrators, as detailed in the SonicWall report. Threat actors […]

Continue Reading

Cryptojacking botnet Prometei uses NSA exploit to steal data, mine Monero

By Waqas Prometei botnet targets Windows devices. Cisco Talos’ threat intelligence team published a report revealing startling details of how cybercriminals are continually reinventing the way they can monetize their malicious tools and techniques. Reportedly, Cisco Talos researchers discovered a “complex” new campaign involving a multi-modular cryptojacking botnet named “Prometei.” The botnet can spread in […]

Continue Reading