BYOD advice – Find malware where you least expect it

BYOD – bring your own device – probably every organisation has non-company devices handling sensitive information. Threat actors have created a trojanised version of a legitimate game installer that they are promoting through side channels to attract users (victims) to install it. The Super Mario game is installed and works …

Windows and Linux server both targets for crypto-mining malware

Microsoft is reporting on a new variant of the Sysrv botnet malware – Sysrv-K, that infects both Windows and Linux servers. This malware can compromise a wide range of vulnerabilities including WordPress plug-ins and Spring Cloud. Once in the malware installs and operates the Monero cryptocurrency miner. Monero-mining botnet targets …

Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022

This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …