Threat actors take advantage of the spread of COVID-19 for malicious campaigns. Goods and services related to the virus also appear in underground marketplaces and cybercriminal forums.
Starting this year, Ryuk began using another dropper called BazarLoader (also known as BazarBackdoor), which is primarily distributed via phishing emails that contain either malicious attachments or links to websites that host malware.
A critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could lead to supply chain attacks.
A watering hole campaign we dubbed as Operation Earth Kitsune is spying on users’ systems through compromised websites. Using SLUB and two new malware variants, the attacks exploit vulnerabilities including those of Google Chrome and Internet Explorer.
With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure.
Can your container image be trusted? Learn how Docker Content Trust (DCT) employs digital signatures for container image verification and manages trusted collections of content.
With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure.
Our underground monitoring revealed several ways how criminals have been entertaining themselves during isolation, with normal activities that offer cyber-crime-related prizes.