Threat Advisories

Enemybot malware expands its arsenal by exploiting well-known vulnerabilities

June 2, 2022

Threat Level

Red

Attack Report

For a detailed advisory, download the pdf file here

Summary

EnemyBot, a Mirai-based botnet, is expanding its arsenal by exploiting well-known vulnerabilities in log4j, VMware workspace, Spring Framework, and others. Keksec, also known as Nero and Freakout, is the threat actor behind EnemyBot. Since 2016, this group has been known for crypto-mining and distributed denial-of-service (DDoS) attacks.

Mozilla addresses security vulnerabilities in Firefox, Firefox ESR, and Thunderbird

How to Evolve Your Vulnerability Management to Threat Exposure Management