Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto Heist
The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners.
API Leak Management software discovers exposed API keys and other secrets, blocks their use, and monitors for abuse, the company says.
Corsha’s Annual State of API Secrets Management Report finds over 50% of respondents suffered a data breach due to compromised API secrets.
A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping.
Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform.