• Latest
  • Trending
Android security flaw in audio codec puts two-thirds of smartphones at risk of eavesdropping, researchers say ZDNet

Microsoft warns: This botnet has new tricks to target Linux and Windows systems ZDNet

17.05.2022
Frontier Airlines sweetens Spirit merger offer as shareholder vote looms – CNBC

Frontier Airlines sweetens Spirit merger offer as shareholder vote looms – CNBC

25.06.2022
Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women

Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women

25.06.2022
Billie Eilish at Glastonbury 2022: Pyropop packs a punch – The Guardian

Billie Eilish at Glastonbury 2022: Pyropop packs a punch – The Guardian

25.06.2022
Hornets hire Steve Clifford as head coach – hoopsrumors.com

Hornets hire Steve Clifford as head coach – hoopsrumors.com

25.06.2022
Mexico oil refinery cost could reach $12bn, president says – Reuters.com

Mexico oil refinery cost could reach $12bn, president says – Reuters.com

25.06.2022
How to Enable or Disable Desktop Search Bar in Windows 11 – TheWindowsClub

How to Enable or Disable Desktop Search Bar in Windows 11 – TheWindowsClub

25.06.2022

NFL skipping supplemental draft for third straight year; here are the top 5 picks from the extra era

25.06.2022
Ashlee Simpson cuts a relaxed figure in a black top and ripped jeans

Ashlee Simpson cuts a relaxed figure in a black top and ripped jeans

25.06.2022
How to make a better ice cream sundae, with recipes and tips

How to make a better ice cream sundae, with recipes and tips

25.06.2022
Coi Leray Drops New Song “Involved” – Complex

Coi Leray Drops New Song “Involved” – Complex

25.06.2022
The United States and its allies launch an initiative to help Pacific island states

The United States and its allies launch an initiative to help Pacific island states

25.06.2022

Free apps for Android & iOS: These Pro versions are currently free – NextPit

25.06.2022
Saturday, June 25, 2022
  • World
  • Economics
  • Sport
    • Basketball
    • Football
    • Nfl
    • Golf
    • F1
    • UFC
  • Technology
  • Culture
    • Arts
  • Media
    • Film
    • Celebs
    • TV
  • LifeStyle
    • Auto
  • Travel
OLTNEWS
  • World
  • Economics
  • Sport
    • Basketball
    • Football
    • Nfl
    • Golf
    • F1
    • UFC
  • Technology
  • Culture
    • Arts
  • Media
    • Film
    • Celebs
    • TV
  • LifeStyle
    • Auto
  • Travel
OLTNEWS
No Result
View All Result

Home » Technology » Microsoft warns: This botnet has new tricks to target Linux and Windows systems ZDNet

Microsoft warns: This botnet has new tricks to target Linux and Windows systems ZDNet

17/05/2022 00:06:14
in Technology
0
0
SHARES
Share on WhatsappShare on Facebook

Related posts

Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women

Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women

25.06.2022
How to Enable or Disable Desktop Search Bar in Windows 11 – TheWindowsClub

How to Enable or Disable Desktop Search Bar in Windows 11 – TheWindowsClub

25.06.2022

Microsoft has warned that a new variant of the Sysrv botnet targets a critical flaw in the Spring Framework to install cryptocurrency mining malware on Linux and Windows systems.

Microsoft researchers have spotted a new variant of Sysrv, which they call Sysrv-K, scanning the internet for WordPress plugins with older vulnerabilities as well as a recently disclosed remote code execution (RCE) flaw. in Spring Cloud Gateway software tagged as CVE-2022-22947.

The flaw affected VMware’s Spring Cloud Gateway and Oracle Communications Cloud Native Core Network Exposure Function and was given a critical rating by both companies.

Sysrv-K can take control of web servers, Microsoft Security Intelligence informed. The botnet scans the Internet to locate web servers and then uses various vulnerabilities such as path traversal, remote file disclosure, arbitrary file downloads, and remote code execution. Once the malware runs on a Windows or Linux device, Sysrv-K deploys a cryptocurrency miner.

Sysrv-K contains new features from older variants. Juniper in April 2021 reported that Sysrv was associated with exploits for six RCE vulnerabilities affecting installations of MongoDB’s Mongo Express admin interface, ThinkPHP PHP framework, Drupal CMS, VMware-owned SaltStack, and XXL-projects. JOB and XML-RPC. It also had exploits for PHP framework Laravel, Oracle Weblogic, Atlassian Confluence Server, Apache Solr, PHPUnit, Jboss Application Server, Apache Hadoop, Jenkins, Jupyter Notebook Server, Sonatupe Nexus Repository Manager, Tomcat Manager, and WordPress.

The two functions of the malware were to spread across the network by scanning the internet for vulnerable systems and installing the XMRig cryptocurrency miner to mine Monero. But Microsoft warns that it can now also capture database credentials to control an infected web server.

“A new behavior observed in Sysrv-K is that it searches WordPress configuration files and their backups to retrieve database credentials, which it uses to take control of the web server. Sysvr-K has updated communication capabilities, including the ability to use a Telegram Bot,” Microsoft Security Intelligence said.

“Like older variants, Sysrv-K searches for SSH keys, IP addresses, and hostnames, then attempts to connect to other systems on the network via SSH to deploy copies of itself. This could put the rest of the network at risk is part of the Sysrv-K botnet,” he added.

Microsoft has warned organizations to secure Internet-connected systems, apply security updates, and protect credentials.



Share this:

  • Twitter
  • Facebook

Like this:

Like Loading...

Related

Previous Post

Musk says he could charge lower price for Twitter as he focuses on fake accounts – The Guardian

Next Post

Stock markets struggle as fears over economy grow – Yahoo Finance

Related Posts

Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women
Technology

Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women

25.06.2022
0

JCMR recently announced a Movies and Entertainment study with more than 250 market data tables and figures spread across the...

Read more
How to Enable or Disable Desktop Search Bar in Windows 11 – TheWindowsClub

How to Enable or Disable Desktop Search Bar in Windows 11 – TheWindowsClub

25.06.2022

Free apps for Android & iOS: These Pro versions are currently free – NextPit

25.06.2022

2 new iOS 16 Apple Maps features will improve the way you travel – CNET – ApparelGeek

25.06.2022

The most anticipated monitor of 2022 may be ready to launch soon – Digital Trends

25.06.2022

5G Small Cell Market Research with Ericsson, Cisco Systems, Huawei, Samsung Electronics, Texas Instruments | Report 2022 – Indian Defense News – Indian Defense News

25.06.2022
Load More
Next Post
Stock markets struggle as fears over economy grow – Yahoo Finance

Stock markets struggle as fears over economy grow - Yahoo Finance

Recent Posts

  • Frontier Airlines sweetens Spirit merger offer as shareholder vote looms – CNBC
  • Impressive Film and Entertainment Market Gains Including Key Players ViacomCBS, Sony Corporation – Designer Women – Designer Women
  • Billie Eilish at Glastonbury 2022: Pyropop packs a punch – The Guardian
  • Hornets hire Steve Clifford as head coach – hoopsrumors.com
  • Mexico oil refinery cost could reach $12bn, president says – Reuters.com

Archives

  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • EN

© 2020

No Result
View All Result
  • World
  • Economics
  • Sport
    • Basketball
    • Football
    • Nfl
    • Golf
    • F1
    • UFC
  • Technology
  • Culture
    • Arts
  • Media
    • Film
    • Celebs
    • TV
  • LifeStyle
    • Auto
  • Travel

© 2020

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
%d bloggers like this: