Today > | 3 Medium | 2 Low vulnerabilities - You can now download lists of IOCs here!
3 attack reports | 0 vulnerabilities
Recent research has uncovered a new malicious campaign orchestrated by the notorious hacking group TeamTNT. This campaign exploits exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, utilizing compromised servers and Docker Hub as infrastructure for spreading their mali…
A malicious actor has been observed targeting Docker remote API servers to deploy the SRBMiner cryptominer for mining XRP cryptocurrency. The attacker utilizes the gRPC protocol over h2c (clear text HTTP/2 protocol) to evade security measures and execute cryptomining operations on Docker hosts. The…
A new cryptojacking campaign targeting Docker Engine API has been discovered, with the ability to move laterally to Docker Swarm, Kubernetes, and SSH servers. The attackers exploit exposed Docker API endpoints to deploy cryptocurrency miners and additional malicious payloads. They utilize Docker Hu…