Tag: kubernetes
3 attack reports | 0 vulnerabilities
Attack reports
Threat Actors leverage Docker Swarm and Kubernetes to mine cryptocurrency at scale
A new cryptojacking campaign targeting Docker Engine API has been discovered, with the ability to move laterally to Docker Swarm, Kubernetes, and SSH servers. The attackers exploit exposed Docker API endpoints to deploy cryptocurrency miners and additional malicious payloads. They utilize Docker Hu…
Downloadable IOCs 41
DERO cryptojacking adopts new techniques to evade detection
This report examines the threat actors behind a 2023 cryptojacking campaign targeting misconfigured Kubernetes clusters, focusing on their evolving techniques to avoid detection. It analyzes the malicious Docker images they deployed, the hardcoded wallet and pool information in the DERO miner binar…
Downloadable IOCs 18
Attackers exploiting new critical vulnerabilities on Kubernetes clusters
Microsoft security researchers have uncovered an attack campaign exploiting recently disclosed critical vulnerabilities in the OpenMetadata platform to gain unauthorized access to Kubernetes clusters, followed by reconnaissance and the deployment of crypto-mining malware. The vulnerabilities, affec…
Downloadable IOCs 6