Contributor Liron Segal

New Struts 2 Campaign Compiles Its Own C# Downloader, Leverages a User Profile Page as Its C&C Server

Article / Jun 23, 2018

By Liron Segal

Attackers continue to find new and creative ways to carry out malicious crypto-mining operations, employing multiple exploits in a single campaign.

New Campaign Targeting Apache Struts 2, WebLogic Deploys Malware Using VBScript

Article / Jun 21, 2018

By Liron Segal

With the vast availability of new exploits and the competition for victims’ resources, the multi-exploit trend continues to be popular among attackers.

New Python-Based Crypto-Miner Botnet Flying Under the Radar

Article / Jan 3, 2018 (MODIFIED: Jan 25, 2018)

By Maxim Zavodchik, Liron Segal, Aaron Brailsford

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

Zealot: New Apache Struts Campaign Uses EternalBlue and EternalSynergy to Mine Monero on Internal Networks

Article / Dec 15, 2017 (MODIFIED: Jan 18, 2018)

By Maxim Zavodchik, Liron Segal

Zealot Apache Struts campaign targets vulnerabilities in Windows, Linux, and DotNetNuke, then uses leaked NSA exploits to mine Monero on internal networks.

Wirex Android DDoS Malware Adds UDP Flood

Blog / Sep 1, 2017 (MODIFIED: Oct 4, 2017)

By Julia Karpin, Liron Segal, Maxim Zavodchik

As quickly as attackers commandeer IoT devices to build more “thingbots,” they continue to evolve their attack types and functionality.

Old Protocols, New Exploits: LDAP Unwittingly Serves DDoS Amplification Attacks

Article / Nov 15, 2016 (MODIFIED: Jul 6, 2017)

By Liron Segal

A new DDoS attack vector that leverages LDAP for reflection-amplification attacks is seeing increased usage.

Mirai: The IoT Bot that Took Down Krebs and Launched a Tbps Attack on OVH

Article / Oct 6, 2016 (MODIFIED: Jul 6, 2017)

By Liron Segal

The Mirai botnet has infected hundreds of thousands of Internet of Things (IoT) devices, specifically security cameras, by using vendor default passwords for Telnet access.

Thanks to Anonymous’ Latest Toolset, Anyone Can Play the DDoS Game

Article / Jun 1, 2016 (MODIFIED: Jul 6, 2017)

By Liron Segal

Anonymous commoditizes well-known DDoS attacks by making easy-to-use tools available to even the most unsophisticated user.
