Blog, Cybersecurity, Honeypots and Information Security

Blog

Cybersecurity

Honeypots

Information Security

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Security Affairs

MAY 4, 2022

The attacks were monitored by cybersecurity firm CrowdStrike, who discovered that the Docker Engine honeypots deployed between February 27 and March 1 were compromised and used in the DDoS attacks. CrowdStrike Intelligence assesses these actors almost certainly compromised the honeypots to support pro-Ukrainian DDoS attacks.

Honeypots

Honeypots Military Mining Government

Vulnerable Docker Installations Are A Playhouse for Malware Attacks

Security Affairs

MAY 6, 2022

Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. Figure 7:honeypot log – crypto miner attack. Figure 8: aaa.sh

Honeypots

Honeypots Mining Cybersecurity Security

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Apache Log4j Zero Day Exploit Puts Large Number of Servers at Severe Risk

eSecurity Planet

DECEMBER 10, 2021

A critical vulnerability in the open-source logging software Apache Log4j 2 is fueling a chaotic race in the cybersecurity world, with the Apache Software Foundation (ASF) issuing an emergency security update as bad actors searched for vulnerable servers. Anybody using Apache Struts is likely vulnerable. beta9 to 2.14.1.

Risk

Risk Libraries Cybersecurity Honeypots

Threat actors are attempting to exploit CVE-2021-22986 in F5 BIG-IP devices in the wild

Security Affairs

MARCH 19, 2021

Cybersecurity experts warn of ongoing attacks aimed at exploiting a recently patched critical vulnerability in F5 BIG-IP and BIG-IQ networking devices. “Starting this week and especially in the last 24 hours (March 18th, 2021) we have observed multiple exploitation attempts against our honeypot infrastructure.

Honeypots

Honeypots Cybersecurity Security Access

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

In May, Microsoft warned users to update their systems to address the remote code execution vulnerability dubbed BlueKeep , A few days later, the National Security Agency (NSA) also urged Windows users and administrators to install security updates to address BlueKeep flaw (aka CVE-2019-0708). They only expose port 3389.

Honeypots

Honeypots Security Authentication Information Security

Log4j Vulnerability Aftermath

Security Affairs

DECEMBER 21, 2021

Uptycs has already shared details about remediation and detection steps for its customers in the previous blog. In this blog post, we will talk about various malware categories that attackers are taking advantage of the Log4j vulnerability. Figure 5: Tsunami running from /dev/shm via cron.

Honeypots

Honeypots Ransomware Mining Encryption

Malware Training Sets: FollowUP

Security Affairs

MAY 14, 2019

So, I came up with this blog post and this GitHub repository where I proposed a new testing-set based on a modified version of Malware Instruction Set for Behavior-Based Analysis , also referred as MIST. The original post along many other interesting analysis are available on the Marco Ramilli blog: [link].

Artificial Intelligence

Artificial Intelligence Computer and Electronics Honeypots Cybersecurity

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Security Affairs

APRIL 23, 2023

Aqua analyzed the campaign after having set up K8s honeypots. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Kubernetes ) The post Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC appeared first on Security Affairs.

Mining

Mining Honeypots Cloud Access

Dark Frost Botnet targets the gaming sector with powerful DDoS

Security Affairs

MAY 26, 2023

The researchers first gathered a Dark Frost binary sample on February 28, 2023, that targeted one of its HTTP honeypots. The Dark Frost botnet was used to target gaming companies, game server hosting providers, online streamers, and even other members of the gaming community who the threat actor interacted with directly. We are in the final!

Honeypots

Honeypots Cybersecurity Security IT

Past, present, and future of the Dark Web

Security Affairs

MAY 16, 2019

There are many blogs that for the greater part deal with issues of cybersecurity and the rights of the digital population in terms of consumer protection and privacy. The dark web is full of honeypots. Information: 0.3% It is also impossible to determine the diffusion of honeypots. CONCLUSIONS. Black Markets: 0.2%.

Honeypots

Honeypots Marketing Access Military

Information Management Today

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Vulnerable Docker Installations Are A Playhouse for Malware Attacks

Trending Sources

Apache Log4j Zero Day Exploit Puts Large Number of Servers at Severe Risk

Threat actors are attempting to exploit CVE-2021-22986 in F5 BIG-IP devices in the wild

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Log4j Vulnerability Aftermath

Malware Training Sets: FollowUP

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Dark Frost Botnet targets the gaming sector with powerful DDoS

Past, present, and future of the Dark Web

Stay Connected