Support Home

Welcome to USA2net's Technical Support homepage. Here you will find information regarding USA2net's email, troubleshooting guides, useful links, and USA2net suggested . As always, feel free to contact us during office hours (8am-5pm, Mon-Fri) or email us at anytime. Thank you for giving us the opportunity to serve you!

I need assistance with...

Latest Malware Alerts

Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide

We found a threat that scans for open ports and brute forces systems with weak credentials to drop a Monero cryptocurrency miner. While the installation and mining process is hidden by old evasion tool XHide Process Faker, the malware can be used for bigger attacks in the future as both the shellbot and miner can be monetized.

The post Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide appeared first on .

Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C

We observed a recent campaign that primarily targets financial institutions and governmental organizations in the South American region, particularly in Colombia. This blog post covers the activities we observed, the remote access tools (RATs) used, the campaign's techniques and procedures, and its indicators of compromise (IoCs). Our findings indicate that the campaign appears to be the work of a group involved in business email compromise (BEC) or cybercrime, and unlikely to be an advanced persistent threat (APT).

The post Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C appeared first on .

Jenkins Admins: Relying on Default Settings Could Put Master at Risk of Remote Code Execution Attacks

In our analysis, we observed that a user account with less privilege can gain administrator rights over the automation server if jobs are built on the master machine (i.e., the main Jenkins server), a setup enabled by default. An exploit for this can be easily written using shell spawn — a default build step. If an exploit is successfully deployed, an attacker can perform remote code execution (RCE) on the master, which can result to Jenkins being completely overwritten.

The post Jenkins Admins: Relying on Default Settings Could Put Master at Risk of Remote Code Execution Attacks appeared first on .

Our Services

High Speed Internet Get connected with High Speed Internet! Digital Home Phone Low cost home phone service