New MrbMiner malware has infected thousands of MSSQL databases

Image: Caroline Grondin, Microsoft, ZDNet

A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner.

Thousands of MSSQL databases have been infected so far, according to the cybersecurity arm of Chinese tech giant Tencent.

In a report published earlier this month, Tencent Security has named this new malware gang MrbMiner, after one of the domains used by the group to host their malware.

The Chinese company says the botnet has exclusively spread by scanning the internet for MSSQL servers and then performing brute-force attacks by repeatedly trying the admin account with various weak passwords.

Once the attackers gained a foothold on a system, they downloaded an initial assm.exe file, which they used to establish a (re)boot persistence mechanism and to add a backdoor account for future access. Tencent says this account uses the

Read More

Microsoft: These patches aim to make Linux run as root partition on Hyper-V

Microsoft has submitted a series of patches to Linux kernel developers requesting that Linux run as the root partition on the Hyper-V, its hypervisor software for running Windows and non-Windows instances on hardware. 

Microsoft “wants to create a complete virtualization stack with Linux and Microsoft Hypervisor”, according to Microsoft principle software engineer Wei Liu. 

Liu has proposed an RFC or request for comment that for now merely implements what are only the “absolutely necessary components to get things running”.  

“There will be a subsequent patch series to provide a device node (/dev/mshv) such that userspace programs can create and run virtual machines. We’ve also ported Cloud Hypervisor over and have been able to boot a Linux guest with Virtio devices since late July.”

Cloud Hypervisor is an experimental open-source hypervisor implementation from Intel written in the Rust programming language. It’s a virtual-machine monitor that runs on top of KVM, the

Read More

EU announces cross-territory contact-tracing app gateway

While other countries, most notably the UK, struggle to launch contact-tracing apps to help prevent the spread of the Covid-19 coronavirus, nations in the European Union (EU) have moved up a gear as they begin initial testing of the previously announced interoperability gateway service linking national apps across the EU.

Since the outbreak of the coronavirus pandemic, member states, backed by the European Commission (EC), have been assessing the effectiveness, security, privacy and data protection aspects of digital solutions to address the crisis.

In April, and as part of a common coordinated approach to support the gradual lifting of confinement measures that had been implemented across the EU, member states, supported by the EC, announced the development of a toolbox for the use of mobile applications for contact tracing and warning in response to the coronavirus pandemic. It stated that contact-tracing apps, if well-coordinated and fully compliant with EU rules,

Read More

Q&A with Facebook India head Ajit Mohan on the company's recent political controversy in India, its monetization opportunities, and startup investments (Manish Singh/TechCrunch)

Manish Singh / TechCrunch:

Q&A with Facebook India head Ajit Mohan on the company’s recent political controversy in India, its monetization opportunities, and startup investments  —  Facebook’s play in its biggest market by users  —  At the beginning of the previous decade, Facebook had a tiny presence in India.… Read More