The China-based threat group Water Sigbin, known for deploying cryptocurrency-mining malware, exhibited new techniques to evade detection. It exploited CVE-2017-3506 and CVE-2023-21839 to deploy a PowerShell script executing a miner. The script utilized complex encoding, environment variables to hi…
Published: May 30, 2024