39,000 Websites Infected in ‘Sign1’ Malware Campaign

Ooda Loop

Sucuri, a website security firm, has issued a warning about a new malware family called Sign1 that has infected more than 39,000 websites. The malware, found in WordPress custom HTML widgets or the Simple Custom CSS and JS WordPress plugin, redirects visitors to scam domains and displays unwanted ads. Unlike […]

Malware 59

HeadCrab 2.0: Evolving Threat in Redis Malware Landscape

Aqua Security

At the beginning of 2023, Aqua Nautilus researchers uncovered HeadCrab - an advanced threat actor utilizing a state-of-the-art, custom-made malware that compromised 1,200 Redis servers. Recently, our researchers detected a new version of the HeadCrab malware targeting our honeypots.

Malware 95

Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite

Ooda Loop

Indian energy companies and government entities have been targeted with malware as a means of exfiltrating sensitive information. The malware is a type of updated open-source information stealer malware with the name HackBrowserData. This malware is able to exfiltrate sensitive information by […]

Malware 59

Kinsing Malware Exploits Novel Openfire Vulnerability

Aqua Security

Aqua Nautilus discovered a new campaign that exploits the Openfire vulnerability (CVE-2023-32315), which was disclosed in May of this year, to deploy Kinsing malware and a cryptominer. This vulnerability leads to a path traversal attack, which grants an unauthenticated user access to the Openfire setup environment.

Malware 116

Detecting eBPF Malware with Tracee

Aqua Security

Lately, we have seen a rise in the number of eBPF-based tools used for malicious goals such as rootkits (ebpfkit, TripleCross) and malware (pamspy). It is widely used by many security tools for monitoring kernel activity to detect and protect organizations.

Malware 96

Aqua Nautilus Discovers Redigo — New Redis Backdoor Malware

Aqua Security

Aqua Nautilus discovered new Go-based malware that targets Redis servers. Our investigation revealed new undetected malware written in Golang designed to target Redis servers to allow the attacking server to dominate the compromised machine. Therefore, the malware received the name Redigo.

Malware 142

Intro to Fileless Malware in Containers

Aqua Security

In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected.

Malware 124