Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Cryptojacking, Freejacking Compromise Cloud Infrastructure

Cybercriminal groups are targeting misconfigured Docker and Kubernetes clusters — or just automating the sign-up process for free trial accounts — to build infrastructure for cryptomining.

DARKReading
Open in Source
#git#java#kubernetes#backdoor#docker
3 Steps Small Businesses Can Take to Prevent Cyberattacks

Setting priorities for internal security measures and outsourcing complex practices help protect small and midsize businesses.

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the malware families FastFire, FastViewer, and FastSpy. "The FastFire malware is disguised as a Google security plugin, and the

Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military

The threat actor behind a remote access trojan called RomCom RAT has been observed targeting Ukrainian military institutions as part of a new spear-phishing campaign that commenced on October 21, 2022.  The development marks a shift in the attacker's modus operandi, which has been previously attributed to spoofing legitimate apps like Advanced IP Scanner and pdfFiller to drop backdoors on

Top 10 Kubernetes Security Risks Every DevSecOps Pro Should Know

The mission to run any containerized application on any infrastructure makes security a challenge on Kubernetes.

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector

A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors. The Microsoft Security Threat Intelligence team, which is tracking the threat cluster under the moniker DEV-0832, said the group avoids deploying ransomware in some cases and rather likely carries out extortion using

Threat Groups Repurpose Banking Trojans into Backdoors

Ursnif, a one-time banking Trojan also known as Gozi, becomes the latest codebase to be repurposed as a more general backdoor, as malware developers trend toward modularity.

How the Software Supply Chain Security is Threatened by Hackers

Introduction In many ways, the software supply chain is similar to that of manufactured goods, which we all know has been largely impacted by a global pandemic and shortages of raw materials.  However, in the IT world, it is not shortages or pandemics that have been the main obstacles to overcome in recent years, but rather attacks aimed at using them to harm hundreds or even thousands of

Backdoor.Win32.Psychward.10 MVID-2022-0651 Remote Command Execution

Backdoor.Win32.Psychward.10 malware suffers from an unauthenticated remote command execution vulnerability.