Exposed Docker Daemons Fuel DDoS Botnet
The for-hire platform leverages legitimate cloud-native tools to make detection and disruption harder for defenders and SOC analysts.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The for-hire platform leverages legitimate cloud-native tools to make detection and disruption harder for defenders and SOC analysts.
"Spinning YARN" cyberattackers wielding a Linux webshell are positioning for broader cloud compromise by exploiting common misconfigurations and a known Atlassian Confluence bug.
The four security vulnerabilities are found in Docker and beyond, and one affecting runC affects essentially every cloud-native developer worldwide.
Cybercriminal groups are targeting misconfigured Docker and Kubernetes clusters — or just automating the sign-up process for free trial accounts — to build infrastructure for cryptomining.
Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.
Public Travis CI logs loaded with GitHub, AWS, Docker Hub account tokens, and other sensitive data could be leveraged for lateral cloud attacks.
Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware.