Elastic Agent: A quick overview
Let’s start with Elastic Agent and some of the additional terminology that comes with it. Elastic Agent provides a unified way to enable host monitoring of various data types such as logs, metrics, and other data. Additionally, it offers protection from security threats, operating system data querying, remote service or hardware data forwarding, … [Read more...] about Getting started with the Elastic Stack and Docker Compose: Part 2
Docker
New Docker Cryptojacking Attempts Detected Over 2021 Holidays
Cryptocurrency mining has become very popular among malicious actors that aim to profit by exploiting cloud attack surfaces. Exposed Docker APIs have become a common target for cryptominers to mine various cryptocurrencies. According to the Google Threat Horizon report published Nov. 29, 2021, 86% of compromised Google Cloud instances were used to perform cryptocurrency mining. … [Read more...] about New Docker Cryptojacking Attempts Detected Over 2021 Holidays
Wormable DarkRadiation Ransomware Targets Linux and Docker Instances
Cybersecurity researchers have disclosed a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. "The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions," researchers from … [Read more...] about Wormable DarkRadiation Ransomware Targets Linux and Docker Instances
Xanthe – Docker aware miner
By Vanja Svajcer with contributions from Adam Pridgen. Attackers are constantly reinventing ways of monetizing their tools. Cisco Talos recently discovered an interesting campaign affecting Linux systems employing a multi-modular botnet with several ways to spread and a payload focused on … [Read more...] about Xanthe – Docker aware miner
Docker Images Containing Cryptojacking Malware Distributed via Docker Hub
With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks' Unit 42 threat intelligence … [Read more...] about Docker Images Containing Cryptojacking Malware Distributed via Docker Hub
Docker Hub Hack Affects 190K Accounts
GitHub and Bitbucket tokens for Docker autobuilds are also impacted. … [Read more...] about Docker Hub Hack Affects 190K Accounts
Docker Hub Suffers a Data Breach, Asks Users to Reset Password
Docker Hub, one of the largest cloud-based libraries of Docker container images, has suffered a data breach after an unknown attacker gained access to the company's single Hub database. Docker Hub is an online repository service where users and partners can create, test, store and distribute Docker container images, both publicly and privately. The breach reportedly exposed … [Read more...] about Docker Hub Suffers a Data Breach, Asks Users to Reset Password