Bleeping Computer

US govt: Iranian hackers breached federal agency using Log4Shell exploit

The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining ...
Threat Post

Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig

Snowballing attacks using a recently patched critical bug show no sign of abating. Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability (CVE-2019 ...
Bleeping Computer

GhostEngine mining attacks kill EDR security using vulnerable drivers

A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an ...