First-Ever Cyber Attack Via Kubernetes RBAC
Recently, a new attack campaign has been discovered by the cybersecurity researchers at Aqua Security that exploits Kubernetes RBAC to assemble backdoors and mine...
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
Apr 22, 2023Ravie LakshmananPatch Management / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known...
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat
Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also...
Critical Flaws in Alibaba postgreSQL let Attackers Access Data
Two new critical flaws have been found in Alibaba Cloud’s popular services, ApsaraDB and AnalyticDB.
Both of them were in support of PostgreSQL. Wiz security...
AuKill Malware Kills EDR Clients To Attack Windows Systems
A new hacking tool, AuKill, disables Endpoint Detection & Response (EDR) software for threat actors to launch BYOD attacks by deploying backdoors and ransomware...
14 Kubernetes and Cloud Security Challenges and How to Solve Them
Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the...
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to...
Russia-linked APT28 Group Exploiting Cisco Routers
A recent report from CISA (US Cybersecurity and Infrastructure Security Agency) revealed that the APT 28 group was responsible for exploiting Cisco routers with...
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Apr 21, 2023Ravie LakshmananCloud Security / Vulnerability
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could...
ICICI Bank Data Leak – Millions of Customers’ Data Exposed
Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data.
ICICI Bank, a multinational...