CPU-miner Installed via Windows OS Vulnerability

Update 5/6/2017:  Close port 445 and apply MS 17-010

I have triaged a handful of Windows servers this week that started out being ticketed as high CPU / performance issues.

Upon investigation, I have found XMR cryptocurrency miners being installed through a Windows OS Vulnerability.

Read More