Category: Cloud

New PCPJack worm steals credentials, cleans TeamPCP infections A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP’s access to the systems. […] Bill Toulas Go to bleepingcomputer

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. […] Bill Toulas Go to bleepingcomputer

Google: Cloud attacks exploit flaws more than weak credentials Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days. […] Bill Toulas Go to bleepingcomputer

Cloud file-sharing sites targeted for corporate data theft attacks A threat actor known as Zestix has been offering to corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. […] Bill Toulas Go to bleepingcomputer

Docker Hardened Images now open source and available for free More than a 1,000 Docker Hardened Images (DHI) are now freely available and open source for software builders, under the Apache 2.0 license. […] Bill Toulas Go to bleepingcomputer

Zeroday Cloud hacking event awards $320,0000 for 11 zero days The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. […] Bill Toulas Go to bleepingcomputer

Amazon disrupts Russian GRU hackers attacking edge network devices The Amazon Threat Intelligence team has disrupted active operations attributed to hackers working for the Russian foreign military intelligence agency, the GRU, who targeted customers’ cloud infrastructure. […] Bill Toulas Go to bleepingcomputer

Hackers hide behind Tor in exposed Docker API breaches A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could lay the foundation for a complex botnet. […] Bill Toulas Go to bleepingcomputer

Microsoft finds default Kubernetes Helm charts can expose data Microsoft warns about the security risks posed by default configurations in Kubernetes deployments, particularly those using out-of-the-box Helm charts, which could publicly expose sensitive data. […] Bill Toulas Go to bleepingcomputer

Cloudflare R2 service outage caused by password rotation error Cloudflare has announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. […] Bill Toulas Go to bleepingcomputer

Silk Typhoon hackers now target IT supply chains to breach networks Microsoft warns that Chinese cyber-espionage threat group ‘Silk Typhoon’ has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. […] Bill Toulas Go to bleepingcomputer

whoAMI attacks give hackers code execution on Amazon EC2 instances Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. […] Bill Toulas Go to bleepingcomputer

Hackers exploit critical Aviatrix Controller RCE flaw in attacks Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. […] Bill Toulas Go to bleepingcomputer