Tag Archives: Barracuda NextGen Firewall

Cloud infrastructure exposed by multivector, multi-platform malware attacks prevalent, mass scale

Persistent malicious attacks exposing cloud infrastructure are the result of a perfect storm combining cryptomining, ransomware and botnet/worms for both Linux and Windows, the Securonix Threat Research Team reported.

“The attack activity described in the report is likely prevalent and mass-scale,” Oleg Kolesnikov told SC Media.

The research from Addison, Texas-based Securonix provides further insight into the inner workings of particularly persistent, not to mention complex, threats to cloud infrastructures.

“Based on what we’ve been seeing in the wild, it has been taking on the order of minutes for new exposed IPs to be compromised by different threat actors using the attack vectors discussed in the report,” said Kolesnikov, who co-authored the report with Harshvardhan Parashar.  

Some Xbash botnet attacks, which emerged a few months ago but have been active since May 2018, target multiple vectors and multiple platforms, while others are “fairly trivial,” involving single-vector/single-platform attacks where the focus is mainly on cryptomining.

Xbash malware infects Linux and Windows systems with the aim of deleting critical databases rather than encrypting them, with no functionality to back up or recover the files, while installing cryptojacking scripts and impersonating a ransomware attack.

“We are seeing more and more cases where attackers are leveraging multiple different attack modalities as part of the actions on objectives in the same attack campaign,” Kolesnikov explained, adding that the trend is “becoming part of the norm.” Subsequently, blue teams need to be able to deal with such an attack combination on a daily basis, he added.

From a detection perspective, some attacks have been associated with observed Moanacroner and Xbash behaviors. “But these are not the only attacks that were observed exhibiting the behaviors,” Kolesnikov noted.

“In most cases, the focus of the attacks is on installing a second-stage payload for cryptomining and/or remote access,” the report stated. “In other cases, the malware propagates and infects the exposed services, removes data, and installs second-stage cryptomining and ransomware payloads.”

Best Enterprise Firewall 2018

Fortinet FortiGate
Cisco ASA
Sophos UTM
Meraki MX Firewalls
Sophos Cyberoam UTM
WatchGuard XTM
Juniper SRX
SonicWall TZ
SonicWall NSA
Barracuda NextGen Firewall
Sophos XG
Cisco Firepower NGFW
Zscaler Web Security
Cisco Sourcefire Firewalls
Check Point UTM-1
Check Point VSX
Kerio Control
Untangle NG Firewall
Palo Alto Networks VM-Series
Cisco ASAv
Check Point Next Generation Firewall
Cisco IOS Security
Palo Alto Networks Next-Generation Firewall
Stormshield Network Security
Check Point VPN-1
McAfee StoneGate
Check Point Power-1
Trustwave Firewalls
McAfee Firewall Enterprise MFE
3Com H3C Firewall
A10 Networks Thunder CFW
Hillstone E-Series
NetFortris Hosted Firewall
NetFortris Threat Analyzer
WatchGuard Firebox
Hillstone T-Series
Fortinet FortiOS
Hillstone X-Series Data Center Firewalls
Hillstone CloudEdge
Sonatype Nexus Firewall
Comodo Dome Firewall
Sangfor NGAF