VERY IMPORTANT

Threat actors have turned to cryptocurrency mining as a reliable way to make a profit in recent months. Cryptocurrency miners use the computing power of end users to mine coins of various kinds, most commonly via malware or compromised websites. By compromising servers in order to run cryptocurrency miners, the threat actors would gain access to more computing power and increase their profits from illicit mining. In recent weeks we have noted a significant increase in the numbers of exploit attempts targeting two specific vulnerabilities: CVE-2017-5638 (a vulnerability in Apache Struts) and CVE-2017-9822 (a vulnerability in DotNetNuke). Patches for these vulnerabilities are already available. These vulnerabilities are in web applications that developers commonly use to build websites, making it likely that they are present on many servers. The Struts vulnerability was implicated in the massive Equifax breach in 2017.