Nansh0u not your normal cryptominer. [Research Saturday]

FromCyberWire Daily

Start listening View podcast show

Nansh0u not your normal cryptominer. [Research Saturday]

FromCyberWire Daily

ratings:

Length:

20 minutes

Released:

Jul 20, 2019

Format:

Podcast episode

Description

Researchers at Guardicore Labs have been tracking an unusual cryptominer that seems to be based in China and is targeting Windows MS-SQL and phpMyAdmin servers. Some elements of the exploit make use of sophisticated components previously associated with nation-state actors.
Ophir Harpaz and Daniel Goldberg are members of the Guardicore Labs team, and they join us to explain their findings.
The research can be found here -
https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/

Released:

Jul 20, 2019

Format:

Podcast episode

More Episodes from CyberWire Daily

Skip carousel

Geopolitical tensions rise with China. [Research Saturday] by CyberWire Daily
35 min listen
Ransomware attack turns legal attack. by CyberWire Daily
40 min listen
Dropbox sign breach exposes secrets. by CyberWire Daily
41 min listen
Retirement plan breach shakes financial giant. by CyberWire Daily
40 min listen
Ransomware is just a prescription for chaos. by CyberWire Daily
31 min listen
An unprecedented surge in credential stuffing. by CyberWire Daily
32 min listen
Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes] by CyberWire Daily
8 min listen
Cerber ransomware strikes Linux. [Research Saturday] by CyberWire Daily
16 min listen
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] by CyberWire Daily
55 min listen
Kaiser Permanente's privacy predicament. by CyberWire Daily
29 min listen
The shadowy adversary in Cisco's crosshairs. by CyberWire Daily
30 min listen
Iran's covert cyber operations exposed. by CyberWire Daily
42 min listen
Visa crackdown against spyware swindlers. by CyberWire Daily
36 min listen
Renewed surveillance sparks controversy. by CyberWire Daily
36 min listen
Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X] by CyberWire Daily
18 min listen
Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes] by CyberWire Daily
7 min listen
The art of information gathering. [Research Saturday] by CyberWire Daily
32 min listen
Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3) [Special Edition] by CyberWire Daily
53 min listen
Swift responses to cyberattacks. by CyberWire Daily
31 min listen
From phishing to felony. by CyberWire Daily
34 min listen
The rebirth of Russia's cyber warfare. by CyberWire Daily
32 min listen
Weathering the phishing front. by CyberWire Daily
36 min listen
Hunting vulnerabilities. by CyberWire Daily
32 min listen
AWS in Orbit: Extending the resilient edge to space. [T-Minus AWS in Orbit]: We speak to AWS Aerospace and Satellite, and Iridium about extending the resilient edge to space. by CyberWire Daily
25 min listen
Encore: Stu Sjouwerman: Trying for a win, win, win game. [CEO] [Career Notes] by CyberWire Daily
6 min listen
AWS in Orbit: Building a resilient outernet. [T-Minus AWS in Orbit]: We speak to AWS Aerospace and Satellite, and Rivada Space Networks about enabling secure point-to-point global connectivity, and the opportunities of establishing a low-latency optical-link communication mesh network in low earth orbit. by CyberWire Daily
22 min listen
Breaking down a a high-severity vulnerability in Kubernetes. [Research Saturday] by CyberWire Daily
16 min listen
Privacy, power, and the path forward. by CyberWire Daily
31 min listen
Cyber Talent Insights: Navigating the landscape for enterprise organizations. (Part 1 of 3) [Special Edition] by CyberWire Daily
44 min listen
Apple's worldwide warning on mercenary attacks. by CyberWire Daily
43 min listen

Related podcast episodes

Skip carousel

AirDrop Vulns, Linux Hypocrite Commits, Wi-Fi Code Execution, & We'll Miss You Dan - PSW #692: This week in the Security News, Penetration testing leaving organizations with too many blind spots, A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks, Apple AirDrop Vulnerability Exposes Users’ Personal Information, Darkside... by Security Weekly Podcast Network (Video)
92 min listen
Vulcan Mind Meld - PSW #692: This week, Fleming Shi, CTO of Barracuda Networks, joins us for an interview to talk about Protecting the Hybrid Workforce! Then, Fred Gordy, Director of Cybersecurity at Intelligent Buildings, joins us for a discussion on Smart Building Control... by Security Weekly Podcast Network (Audio)
205 min listen
Hybrid war and cyber espionage. Ransomware in the produce aisle. Bypassing security filters in a BEC campaign. Identity-based attacks. Avoid pirated software. And what the bots have been scalping. by CyberWire Daily
29 min listen
Cyber spies and vulnerability goodbyes. RedLine Stealer and Vidar: the cryptkeepers. Social engineering TTPs. by CyberWire Daily
32 min listen
Docker, 42 Vulnerabilities, Backdoors, Spying on 100+ Foreign Govs. - PSW #639: In the Security News, Misconfigured Docker Registries Expose Thousands of Repositories, a Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks, Jail Software Left Inmate Data Exposed Online, Adobe... by Security Weekly Podcast Network (Video)
77 min listen
Olympic hacking—false flags and attack infrastructure. Cryptojacking. Smartphone security bans. Heraldic animals of hacking.: Olympic hacking—false flags and attack infrastructure. Cryptojacking. Smartphone security bans. Heraldic animals of hacking. by CyberWire Daily
21 min listen
Bugs and working from home. [Research Saturday] by CyberWire Daily
27 min listen
Minimum Safe Distance - ASW #148: We start with the article about "Researchers Secretly Tried To Add Vulnerabilities to Linux Kernel, Ended Up Getting Banned" and explore its range of issues from ethics to securing huge, distributed software projects. It's hardly novel to point out... by Security Weekly Podcast Network (Audio)
73 min listen
Daily: All your attack code are belong us. Guccifer 2.0 suddenly more fluent.: Daily: All your attack code are belong us. Guccifer 2.0 suddenly more fluent. by CyberWire Daily
16 min listen
ISC StormCast for Monday, April 11th, 2022: Misc Spring4Shell Items (Cisco, Mirai, Nginx); Russian CA Update; Conti Ransomware Copycats by SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
6 min listen
Vigilantes in the IoT. Bad actors find a friend in the ShadowBrokers. BankBot is back in the PlayStore. Pixel-tracking for target recon. A very big Oracle patch.: Vigilantes in the IoT. Bad actors find a friend in the ShadowBrokers. BankBot is back in the PlayStore. Pixel-tracking for target recon. A very big Oracle patch. by CyberWire Daily
16 min listen
International norms of cyber conflict. Fancy Bear's tradecraft (with a side of дезинформа́ция). RDPPatcher, Cerber, Ticketbleed, and Hermes. And the vibe around RSA 2017.: International norms of cyber conflict. Fancy Bear's tradecraft (with a side of дезинформа́ция). RDPPatcher, Cerber, Ticketbleed, and Hermes. And the vibe around RSA 2017. by CyberWire Daily
21 min listen
Filtering Out All the [Market] Noise - Andrew Morris - ESW #264: There's a LOT of noise in the security industry. We've catalogued over 10,000 cybersecurity products and each of the companies behind these products has a marketing team, a twitter account, a blog, and a ton of content to blast at enterprise security... by Enterprise Security Weekly (Video)
61 min listen
Filtering Out All the [Market] Noise - Andrew Morris - ESW #264: There's a LOT of noise in the security industry. We've catalogued over 10,000 cybersecurity products and each of the companies behind these products has a marketing team, a twitter account, a blog, and a ton of content to blast at enterprise security... by Security Weekly Podcast Network (Video)
61 min listen
International AI agreement, water utility attack, Ukraine cyberattack on Russian aviation: International AI agreement PA water utility hit by cyberattack Ukraine claims cyber attack against Russian aviation Huge thanks to our sponsor, SpyCloud Our sponsor today, , wants us to pay attention to a ransomware precursor that’s not being... by Cyber Security Headlines
7 min listen
April 25, 2022: Hackers find 122 vulnerabilities, 27 deemed critical, during first round of DHS bug bounty program Anonymous has leaked 5.8 TB of Russian data since declaring cyber war AWS's Log4j patches blew holes in its own security Thanks to today’s episode... by Cyber Security Headlines
9 min listen
Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine.: Vigilantes and hacktivists. Point-of-sale malware source code leaks. Malicious extensions and apps. US Federal indictments: spying and hacking. Robo-caller gets record fine. by CyberWire Daily
25 min listen
If you're running a red team, let someone know it's a drill. Apache patches Struts. Another exposed AWS bucket. Remcos abused by hackers. DPRK goes after Macs. Dark Tequila runs in Mexico.: If you're running a red team, let someone know it's a drill. Apache patches Struts. Another exposed AWS bucket. Remcos abused by hackers. DPRK goes after Macs. Dark Tequila runs in Mexico. by CyberWire Daily
20 min listen
Joker malware family: not a joke for Google Play. [Research Saturday] by CyberWire Daily
18 min listen
Kaseya and REvil by The Ransomware Files
46 min listen
Establishing software root of trust unconditionally. [Research Saturday]: Establishing software root of trust unconditionally. [Research Saturday] by CyberWire Daily
25 min listen
Diving deep into North Korea's APT37 tool kit. [Research Saturday] by CyberWire Daily
18 min listen
The evolution of malware, both criminal and state-run.: Turla tunes its tools. The commodity Trojan AnarchyGrabber is now stealing passwords. A new iOS jailbreak has been released. The UK reconsiders its decision to allow Huawei into its 5G networks. A tech group lobbies the US House against warrantless... by CyberWire Daily
20 min listen
NO. 394 — Vegas Recap, CISA MS Alert, China/US AI Fight, Deceased Kid AI, Following vs. Leading… by Unsupervised Learning
19 min listen
SCARLETEEL zaps back again. [Research Saturday] by CyberWire Daily
17 min listen
ISC StormCast for Friday, September 28th 2018: Enriching Radare2/x64dbg Output; Apple DEP; UEFI Rootkit by SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
6 min listen
ESW #313 - Pablo Zurro, Travis Howerton: Fortra's Core Security has conducted it's fourth annual survey of cybersecurity professionals on the usage and perception of pen testing. The data collected provides visibility into the full spectrum of pen testing’s role, helping to determine how... by Security Weekly Podcast Network (Audio)
148 min listen
Notes on the C2C market. A new cyberespionage threat actor has surfaced. Sharkbot made a brief return to Google Play. Privateering and catphishing in the hybrid war. by CyberWire Daily
30 min listen
DPRK returns to bank robbery. Ransomware updates. Patches from Oracle, Lenovo, BlackBerry. Criminal coin miners.: DPRK returns to bank robbery. Ransomware updates. Patches from Oracle, Lenovo, BlackBerry. Criminal coin miners. by CyberWire Daily
18 min listen
Google Drive used for malware? [Research Saturday] by CyberWire Daily
23 min listen

Discover this podcast and so much more

Nansh0u not your normal cryptominer. [Research Saturday]

Nansh0u not your normal cryptominer. [Research Saturday]

Description

More Episodes from CyberWire Daily

Related podcast episodes