Originally reported by ZDNet, Sophos has recently published a report identifying the threat group behind the MrbMiner cryptomining botnet. After identifying the underlying infrastructure that makes up MrbMiner, Sophos named an Iranian software development firm as the culprit. Sophos found several MrbMiner domains were hosted from the same server used to host vihansoft[.]ir, which is the website of the accused Iranian-based software firm. Additionally, that domain was reused by the Command and Control (C2) server for the MrbMiner operation.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security