Aqua Nautilus team dive into the full extent of the campaign and provide a more comprehensive exploration of an extensive TeamTNT campaign: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign

#teamtnt #JupyterLab #dockerapi #cloudsecurity #KubernetesSecurity #weavescope #aws #azure #gcp

TeamTNT Reemerged with New Aggressive Cloud Campaign

The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and others.

Aqua Nautilus researchers identified an infrastructure of a potentially massive campaign against cloud native environments. At this stage an infrastructure is being built to support a worm-like expansion across misconfigured Docker APIs and JupyterLab instances: https://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attack

#teamtnt #JupyterLab #dockerapi #cloudsecurity

Threat Alert: Anatomy of Silentbob’s Cloud Attack

Nautilus identified infrastructure in early stages of testing and deployment, of a cloud worm, designed to deploy on exposed JupyterLab and Docker APIs

Misconfigured Docker Servers Under Attack by Xanthe Malware - The never-before-seen Xanthe cryptomining botnet has been targeting misconfigured Docker APIs. https://threatpost.com/misconfigured-docker-servers-xanthe-malware/161732/ #cloudsecurity #misconfigured #cryptomining #websecurity #ciscotalos #dockerapi #malware #botnet #docker #monero #xanthe #xmrig #ssh