Attackers Use Containers for Profit via TrafficStealer

Credit to Author: Alfredo Oliveira| Date: Wed, 26 Apr 2023 00:00:00 +0000

We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.

Read more

In Review: What GPT-3 Taught ChatGPT in a Year

Credit to Author: Vincenzo Ciancaglini| Date: Tue, 21 Feb 2023 00:00:00 +0000

Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.

Read more

Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk

Credit to Author: Trend Micro Research| Date: Tue, 07 Feb 2023 00:00:00 +0000

In this investigation, we analyzed several prominent “passive income” applications and found out that there may be security risks upon participating in these programs.

Read more

Threat Actors Target AWS EC2 Workloads to Steal Credentials

Credit to Author: Nitesh Surana| Date: Wed, 26 Oct 2022 00:00:00 +0000

We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools.

Read more

Security Breaks: TeamTNT’s DockerHub Credentials Leak

Credit to Author: Nitesh Surana| Date: Mon, 12 Sep 2022 00:00:00 +0000

One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022.

Read more

Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Credit to Author: David Fiser| Date: Wed, 17 Aug 2022 00:00:00 +0000

While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows.

Read more

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

Credit to Author: Daniel Lunghi| Date: Fri, 12 Aug 2022 00:00:00 +0000

We found APT group Iron Tiger’s malware compromising chat application Mimi’s servers in a supply chain attack.

Read more

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

Credit to Author: Jaromir Horejsi| Date: Thu, 11 Aug 2022 00:00:00 +0000

We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.

Read more

Facebook’s Metaverse is Expanding the Attack Surface

Credit to Author: William Malik| Date: Mon, 08 Aug 2022 00:00:00 +0000

Understand the cybersecurity risks in the Metaverse

Read more