NOBELIUM targeting delegated administrative privileges to facilitate broader attacks

The Microsoft Threat Intelligence Center (MSTIC) has detected nation-state activity associated with the threat actor tracked as NOBELIUM, attempting to gain access to downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations Read More …

Actors Target Huawei Cloud Using Upgraded Linux Malware

Trend Micro researchers have recently noticed another Linux threat evolution that targets relatively new cloud service providers (CSPs) with cryptocurrency-mining malware and cryptojacking attacks. In this article, they discuss a new Linux malware trend in which malicious actors deploy code Read More …

Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk

Four Microsoft zero-day vulnerabilities in the Azure cloud platform’s Open Management Infrastructure (OMI) — a software that many don’t know is embedded in a host of services — show that OMI represents a significant security blind spot, researchers said. Collectively Read More …

NSA, CISA release Kubernetes Hardening Guidance

FORT MEADE, Md. – The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report details threats to Kubernetes environments and provides configuration guidance to minimize risk. Read More …

Industrial Networks Exposed Through Cloud-Based Operational Tech

The benefits of using a cloud-based management platform to monitor and configure industrial control systems (ICS) devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be Read More …

TeamTNT Campaigns Emphasize Importance of Addressing Cloud Security Gaps

Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research that encompasses the malicious actor group’s campaigns, tools, and techniques in 2020 and early 2021. Although believed to have been Read More …

Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments

In March 2021, I uncovered the first known malware targeting Windows containers, a development that is not surprising given the massive surge in cloud adoption over the past few years. I named the malware Siloscape (sounds like silo escape) because Read More …