Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware.
| | | LATEST SECURITY NEWS & COMMENTARY | | Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware. Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials The same attack that allowed a threat actor to steal data from private Heroku GitHub repositories also resulted in the compromise of customer credentials, the company now says. Critical Cisco VM-Escape Bug Threatens Host Takeover The vendor also disclosed two other security vulnerabilities that would allow remote, unauthenticated attackers to inject commands as root and snoop on sensitive user information. 1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia. Why Security Matters Even More in Online Gaming As the gaming sector booms, game publishers and gaming networks have been heavily targeted with distributed denial-of-service (DDoS) attacks in the last year. NIST Issues Guidance for Addressing Software Supply-Chain Risk Amid ongoing software supply-chain jitters, the US' top tech division is offering a finalized, comprehensive cybersecurity control framework for managing risk. FBI: Bank Losses From BEC Attacks Top $43B Law enforcement attributes a recent 65% spike in BEC attack losses to COVID-19 restrictions and the ongoing reality of a remote workforce. A Third of Americans Use Easy-to-Guess Pet Passwords Far too many turn to Jingles, Mittens, or Bella for password inspiration, given that these are some of the easiest passwords to crack. MORE NEWS / MORE COMMENTARY | | |
|
| | | FEATURED REPORTS | | Practical Network Security Approaches for a Multicloud, Hybrid IT World The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network State of the Cloud: A Security Perspective Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ... | | MORE REPORTS |
|
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To update your profile, change your e-mail address, or unsubscribe, click here. | | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
