New variants of Mirai and Gafgyt botnets were found targeting well-known vulnerabilities using multiple exploits directed at enterprises for possible DDoS attacks, including the flaw used in the 2017 Equifax data breach.
A new fileless malware utilizes Powershell and EternalBlue via WMI for propagation, infecting workstations and servers connected to a local server with a cryptocurrency miner and a DDos tool. Significant infections have been detected in North America and Europ
Syscoin's GitHub account was hacked to distribute modified versions of their software. Developers who executed Syscoin 184.108.40.206 are advised to change their unencrypted cryptocurrency wallet passwords and back up their files.
PyRoMineIoT malware infects systems with a Monero miner, spreads using RCE EternalRomance by removing or modifying accounts and passwords with privileged access, and scans for vulnerable Internet of Things devices for possible future attacks.