
On Feb 26, 2019
@seansposito shared
RT @security_craig: Cisco Talos warns users that they need to keep a close eye on unsecured Elasticsearch clusters. We have recently observed a spike in attacks from multiple threat actors targeting these clusters - https://t.co/ilHRoduj1a - nice work @ccevans002 and @ashtr0nautt

Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters

A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

Multiple threat actors are targeting Elasticsearch Clusters

Security researchers at Cisco Talos are warning of a spike in attacks on unsecured Elasticsearch clusters to drop cryptocurrency miners.

Connecting the dots between recently active cryptominers

A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

Elasticsearch clusters face attacks from multiple hacker groups

If you are running an older version of Elasticsearch, make sure you've patched its known vulnerabilities or consider upgrading.

Targeted malware attacks against Elasticsearch servers surge

Old vulnerabilities are proving to be successful.

Defending Against a Self-Propagating Drupal Botnet Attack

On the 28th March 2018 the Drupal Security Team announced SA-CORE-2018-002, a serious Remote Code Execution vulnerability which came to be known by many as "Drupalgeddon 2". The patches to ...

Running Elasticsearch 1.4.2 or earlier? There's targeted malware going for your boxen

Yes it's years out of date but there's no such thing as security through obscurity

Torii botnet - Not another Mirai variant

Research by the Avast threat intelligence team reveals details about new botnet targeting IoT devices

Massive ransomware infection hits computers in 99 countries

The malware is thought to have been created with tools stolen from the US National Security Agency.

Ransomware – A closer look

Ransomware has emerged as one of the most serious online threats facing businesses.

Paying Off 'Petya-Variant' Ransomware Won't Unlock Your Files

A new ransomware researchers say is based on 'Petya' malware is spreading globally -- but paying it off won't unlock your files.

Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch

We detected mining activity on our honeypot that involves the search engine Elasticsearch, which is a Java-developed search engine based on the Lucene library and released as open-source. ...

Twitter Sees Signs of State-Sponsored Attack

Twitter says that an unspecified number of its users may have been targeted by state-sponsored hackers seeking to unmask their identity. Separately, Trend Micro