#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Linux botnet | Breaking Cybersecurity News | The Hacker News

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Jul 25, 2019
Cybersecurity researchers have discovered a new variant of WatchBog , a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw . BlueKeep is a highly-critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remote attacker to take full control over vulnerable systems just by sending specially crafted requests over RDP protocol. Though the patches for the BlueKeep vulnerability (CVE–2019-0708) was already released by Microsoft in May this year, more than 800,000 Windows machines accessible over the Internet are still vulnerable to the critical flaw. Fortunately, even after many individuals in the security community developed working remote code exploits for BlueKeep, there is no public proof-of-concept (PoC) exploit available till the date, potentially preventing opportunistic hackers from wreaking h
Hacker Who Used Linux Botnet to Send Millions of Spam Emails Pleads Guilty

Hacker Who Used Linux Botnet to Send Millions of Spam Emails Pleads Guilty

Mar 29, 2017
A Russian man accused of infecting tens of thousands of computer servers worldwide to generate millions in illicit profit has finally entered a guilty plea in the United States and is going to face sentencing in August. Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty in a US federal court on Tuesday for his role in the development and maintenance of the infamous Linux botnet known as Ebury that siphoned millions of dollars from victims worldwide. Senakh, who was detained by Finland in August 2015 and extradition to the US in January 2016, admitted to installing Ebury malware on computer servers worldwide, including thousands in the United States. First spotted in 2011, Ebury is an SSH backdoor Trojan for Linux and Unix-style operating systems, like FreeBSD or Solaris, which infected more than 500,000 computers and 25,000 dedicated servers in a worldwide malware campaign called ' Operation Windigo .' Ebury backdoor gives attackers full shell control of
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
Cybersecurity Resources