Docker has been one of the most popular default container runtime engines for users because of how straightforward it is. However, Red Hat has changed the way it supports running Docker, which causes users to switch to Podman. Security is a speculated reason why Red Hat changed its support for Docker. Podman is a close […]
Linux Malware targets misconfigured misconfigured Apache Hadoop, Confluence, Docker, and Redis servers Pierluigi Paganini March 07, 2024 A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. The threat actors […]
Feb 01, 2024NewsroomCryptojacking / Linux Security Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. “The campaign deploys a benign container generated using the Commando project,” Cado security researchers Nate Bill and Matt Muir said in a new report published today. “The attacker escapes this container […]
Feb 01, 2024NewsroomCryptojacking / Linux Security Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. “The campaign deploys a benign container generated using the Commando project,” Cado security researchers Nate Bill and Matt Muir said in a new report published today. “The attacker escapes this container […]
Jan 18, 2024NewsroomServer Security / Cryptocurrency Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. “This is the first documented case of malware deploying the 9Hits application as a payload,” […]
Cybercriminals are targeting vulnerable Docker servers by deploying two containers: a standard XMRig miner and the 9Hits viewer application—an automated traffic exchange system. Cado Security researchers have discovered a new campaign targeting vulnerable Docker servers, deploying two containers – a regular XMRig miner and the 9hits viewer application. This is the first documented case of malware deploying the […]
Attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed denial-of-service (DDoS) attacks, according to a warning from researchers at the AhnLab Security Emergency Response Center. According to AhnLab, attacks targeting MySQL on Windows have increased in frequency with vulnerable MySQL servers infected with ‘Ddostf’, a DDoS-capable botnet of Chinese […]
Nov 14, 2023NewsroomCloud Security / Malware Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. “Attackers are exploiting this misconfiguration to deliver a malicious Docker container, built from an image named ‘oracleiv_latest’ and containing Python […]
Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious Docker container with Python malware compiled as an ELF executable. The malicious tool, functioning as a Distributed Denial of Service (DDoS) bot agent, exhibits various attack methods for conducting […]