vimarsana.com

Latest Breaking News On - Ophir harpaz - Page 3 : vimarsana.com

Hyper-V bug that could crash big portions of Azure cloud infrastructure : Code published

Hyper-V bug that could crash big portions of Azure cloud infrastructure : Code published
theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.

Israeli Cyber Experts Uncover Massive Attack on 85,000 MySQL Servers

Israeli Cyber Experts Uncover Massive Attack on 85,000 MySQL Servers Maya Margit 12/21/2020 At least 250,000 databases have been compromised by anonymous group of hackers who remain at large At least 85,000 MySQL servers around the world have been breached in a massive ransomware campaign, Israeli cybersecurity experts have warned. MySQL is an open-source database management system used by companies in a variety of sectors. The attack, called PLEASE READ ME, has so far resulted in at least 250,000 stolen databases being compromised and posted for sale on the dark web. This is a really vast target. There are almost 5 million of [these MySQL servers] in the world so this is a very attractive target for hackers

Ransomware Attacks Hitting Vulnerable MySQL Servers

Auction site used by hackers to sell compromised MySQL databases (Source: Guardicore Labs) Hackers are targeting thousands of vulnerable MySQL servers around the world, using ransomware to exfiltrate data from organizations as a way to demand payment before making the information public, according to a report released this week by Guardicore Labs. In addition to the ransomware and extortion campaign, the hackers are selling access to over 250,000 stolen databases through a darknet market when victims don t pay, according to the report. The hacking campaign that the Guardicore Labs analysts discovered appears to have started in January and is still active, targeting vulnerable MySQL databases around the world, says Ophir Harpaz, a security researcher, who estimates that about 5 million MySQL servers are exposed to the public internet and are potentially vulnerable to this or another type of attack.

250,000 stolen MySQL databases auctioned on the dark web

PLEASE READ ME has reportedly been active since January 2020, attacking weak credentials on internet-facing MySQL servers. Since then, Guardicore Global Sensors Network (GGSN) reported 92 attacks, with numbers rising sharply in October. According to Guardicore researchers, the ransomware attacks originated from 11 different IP addresses, most of which were found to be located in the UK and Ireland. The ransomware campaign is untargeted, meaning that it attempts to infect any of the five million MySQL servers which are internet-facing. Hackers exploit weak credentials and are able to re-access the network by leaving a backdoor user on the database for persistence. Guardicore Labs researchers managed to discover two different variants during the lifetime of this campaign. The first, which lasted from January to the end of November, saw attackers leaving their victims a ransom note with their wallet address, the amount of Bitcoin to pay, as well as an email address for technical supp

New ransomware campaign exploits weak MySQL credentials to lock thousands of databases

Researchers at Guardicore Labs have uncovered a year-long malware-less ransomware campaign targeting millions of internet-facing MySQL databases. The campaign, named PLEASE READ ME by researchers, has been going on since January 2020 and has utilized an “extremely simple” attack chain to carry out at least 92 separate attacks over the past year, with a sharp rise in volume since October. Interestingly, the operators do not appear to be utilizing any actual ransomware payload in their attacks. It begins by brute forcing weak password protocols for MySQL databases, followed by collection of data on existing tables and users before installing a hidden backdoor on the way out to facilitate future break-ins.

© 2025 Vimarsana

vimarsana © 2020. All Rights Reserved.