×

Alibaba Cloud Security

926 Reputation

Follow
Activities(22) Posts(22) Series(0) Areas of Expertise Following Followers
Areas of Expertise

Following (0)

See All

Followers (12)

See All

Solr Dataimport Vulnerability Becomes a New Attack Method for Mining Organizations

Alibaba Cloud security team has detected a new attack method using the Solr dataimport RCE vulnerability (CVE-2019-0193) that implants mining programs into target hosts.

Alibaba Cloud Offers FIPS Validated HSM for Crypto Key Security

Alibaba Cloud has announced the beta release of Managed HSM, a cloud-managed hardware security module to protect your most sensitive workloads and assets.

8220 Mining Group Now Uses Rootkit to Hide Its Miners

The Alibaba Cloud Security Team has recently discovered that the 8220 Mining Group began using rootkit to hide its mining programs.

A New Trend of DDoS Attacks: Mobile Devices Are Becoming a New Generation of Botnets

This article analyzes the characteristic features of a new trend of DDoS attacks launched by mobile botnets.

Xulu: Cryptojacking Leveraging Shodan, Tor, and Malicious Docker Container

Alibaba Cloud has recently detected Xulu, a mining botnet that deploys malicious containers by exploiting Docker's remote API unauthorized Access vulnerability.

Deep Dive into Cloud Firewall: Addressing Aggressive Mining Worms

This article provides an in-depth analysis of how Alibaba Cloud's Cloud Firewall addresses aggressive mining worms.

Return of Watchbog: Exploiting Jenkins CVE-2018-1000861

Watchbog, a cryptocurrency-mining botnet, has made a comeback by exploiting Jenkins CVE-2018-1000861 this time.

ThinkphpDD: An In-Depth Analysis of Blackhat SEO Techniques

The Alibaba Cloud Security Team has recently traced a group of hackers that exploit website vulnerabilities for blackhat SEO promotion.

ImposterMiner Trojan Takes Advantage of Newly Published Jenkins RCE Vulnerability

Alibaba Cloud Security team has recently detected a crypto-mining attack which uses the newly published Jenkins RCE vulnerability as its attack vector.

Countrywide Spread of Database-Cracking Watchdogs Mining Worm: Issues and Countermeasures

This article analyzes the Watchdogs mining worm and provides suggestions for emergency response and further prevention of similar large-scale intrusion events.

ProtonMiner Gains Momentum via Expanded Attack Surface

The post provides a detailed analysis of ProtonMiner, a new cryptocurrency miner hijacker discovered by Alibaba Cloud, and security recommendations to avoid it.

Alibaba Cloud Security: 2018 Cryptocurrency Mining Hijacker Report

In this report, we analyze the current state of malicious cryptocurrency mining and provide security recommendations based on Alibaba Cloud's data from 2018.

New Miner Hijacker RDPMiner Adds Malicious Accounts to Victimized Hosts

Alibaba Cloud has detected a new type of cryptocurrency mining hijacker, RDPMiner, which spreads by launching brute-force attacks on the RDP service of Windows server port 3389.

Threat Alert: Multiple Cryptocurrency Miner Botnets Start to Exploit the New ThinkPHP Vulnerability

Alibaba Cloud security team has detected new attacks based on the ThinkPHP vulnerability, in which botnets BuleHero and Sefa exploited hosts for various cybercrime purposes.

Alibaba Cloud Web Application Firewall Endorsed by Top Research Agencies

Alibaba Cloud establishes its presence in the global security market as its WAF product gains recognition by top research agencies, including Gartner and Frost & Sullivan.

Alibaba Cloud Offers a Security Emergency Response Plan for Global Bank Websites Targeted by Hackers

Alibaba Cloud has detected DDoS and HTTP Flood attacks against global central bank websites and has suggested an appropriate response plan to cope with similar attacks.

Alibaba Cloud Discovers the Latest ThinkPHP v5 Vulnerability

The latest ThinkPHP v5 vulnerability has been discovered by Alibaba Cloud and can be blocked using an alert in Alibaba Cloud Threat Detection Service.

New Vulnerability Found in the Decade-Old phpCMS 2008 Can Lead to Fresh WebShell Attacks

This article describes Alibaba Cloud Security's discovery of the web shell vulnerability in phpCMS 2008 content management system, still in use to manage many websites today.

The Qakbot Family Extends: Introducing a New QBot Variant

In this article, we will look at a new QBot family variant discovered by Alibaba Cloud Security team, known as 'QBotVariant'.

DockerKiller Threat Analysis: First Instance of Batch Attack and Exploitation of Docker Services

The Alibaba Cloud Security team has discovered a novel attack, dubbed DockerKiller, on Docker services exposed to the web.

Latest Comments

hertavein Commented on The Qakbot Family Extends: Introducing a New QBot Variant

From the tons of comments on your articles, I guess I am not the only one having all the enjoyment here! Keep up the good work .../.<a href=" http://www.jobz.pk/testresult/">Jobs test results</a>

kumaryogesh Commented on ThinkphpDD: An In-Depth Analysis of Blackhat SEO Techniques

Great post and advice. Very useful information, it clarified things a lot for us. Thanks for the wonderful blog ![url=http://www.latesttechnology.online]Tech News [/url]

Raja_KT Commented on Threat Alert: Multiple Cryptocurrency Miner Botnets Start to Exploit the New ThinkPHP Vulnerability

Thanks for the recommendation.

Vladimir Commented on New Miner Hijacker RDPMiner Adds Malicious Accounts to Victimized Hosts

i dont know where to write and im not good in english so sorry, i hope someone here can help me.i bought snickers on this site discount.ladysshares.com and i thing that this is fake site they are thieves.they dont want to get my money back so can someone help me ?

5697346405925554 Commented on Alibaba Cloud Discovers the Latest ThinkPHP v5 Vulnerability

Informative!Upgrade your shipping plans to digitally with ecourierz - best, cheapest and fastest courier service in India. For more details visit www.ecourierz.com

No series yet.