On Thursday Akamai’s Security Intelligence Response Team (SIRT) released a write-up about a new botnet that had infected their honeypot. KmsdBot, as named by the SIRT, gains initial entry via SSH and then attempts several different methods of downloading the malware, including File Transfer Protocol (FTP) and cURL. From there, the bot establishes command and control (C2), where the attacker can determine whether the infected machine will participate in a Distributed Denial of Service (DDoS) attack or run its cryptominer.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security