Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: linux malware

1 attack reports | 0 vulnerabilities

Attack reports

Attackers Target Exposed Docker Remote API Servers With perfctl Malware

An unknown threat actor is exploiting exposed Docker Remote API servers to deploy the perfctl malware. The attack sequence involves probing the server, creating a Docker container with specific settings, and executing a Base64 encoded payload. The payload escapes the container, creates a bash scrip…

evasion
persistence
docker
privilege escalation
perfctl
2024-10-21
remote api
linux malware
container exploitation
Published: October 21, 2024

Downloadable IOCs 6

» Click here to see all Attack Reports «