Watchbog and the Importance of Patching

By Luke DuCharme and Paul Lee. What Happened? Cisco Incident Response (CSIRS) recently responded to an incident involving the Watchbog cryptomining botnet. The attackers were able to exploit CVE-2018-1000861 to gain a foothold and install the Watchbog malware on the affected systems. This Linux-based malware relied heavily on Pastebin for command and control (C2) and operated openly.

You can read the full article here.