article thumbnail

US CISA and NSA publish guidance to secure Kubernetes deployments

Security Affairs

In recent months the number of cyberattacks against misconfigured Kybernetes systems has surged, threat actors mainly used the to illegally mine cryptocurrencies. Use firewalls to limit unneeded network connectivity and encryption to protect confidentiality. Run containers and Pods with the least privileges possible.

Security 103
article thumbnail

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. Miscreants can abuse Docker Engine API to deploy containers they have created with the specific intent of mining cryptocurrencies. Docker Trusted Registry ).

Mining 84
article thumbnail

On the Twitter Hack

Schneier on Security

Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter's system administrators. These DMs are not end-to-end encrypted, meaning that they are unencrypted inside Twitter's network and could have been available to the hackers. Your guess is as good as mine.