Matt Muir
82 posts
Been away from here recently but I can finally share my first blog for @datadoghq, an updated campaign from the group behind Spinning YARN
securitylabs.datadoghq.com/articles/attac…
English
Matt Muir retweetledi
Fascinating paper about #eBPF based attacks on the cloud:
Cross Container Attacks:
The Bewildered eBPF on Clouds
usenix.org/system/files/u…
#linux #cloud #cloudsecurity
English
Latest research from the lab. This is an interesting one! 4 new discovery/initial access tools were found. Each tool contained code to exploit common misconfigurations (and n-day vulnerability) in either YARN, Docker, Confluence or Redis
Cado@CadoSecurity
Cado Security Labs discover Spinning YARN, an emerging malware campaign using novel Golang payloads to exploit #Docker, Hadoop #YARN, #Confluence and #Redis hosts. Full analysis here: hubs.li/Q02nlVt-0 #cloudsecurity #cloudforensics #cloudIR #threatintel #spinningYARN
English
Our latest blog covering #Migo - a Golang miner targeting Redis. This one attempts to weaken the Redis server by issuing various config commands, before deploying a user mode rootkit to hide the miner
cadosecurity.com/migo-a-redis-m…
English
🐈 Here’s a new blog from us covering a novel attack named “Commando Cat” 🐈
The fun never stops with these Docker-focused campaigns!
cadosecurity.com/the-nine-lives…
English
Thanks to everyone that attended/tuned-in to my talk for @SANSInstitute today! There have been some requests for me to upload the slides, so here they are
slideshare.net/slideshows/bey…
English
Matt Muir retweetledi
If you're at the SANS CTI summit today - check out @_mattmuir 's talk "Beyond Cryptojacking: Studying Contemporary Malware in the Cloud"
sans.org/cyber-security…
English
Great research by our talented colleague Nate!
Cado@CadoSecurity
Cado Security Labs researchers discover #novel #malware campaign that deploys the #9hits application as a #payload. 🔎 Full analysis here: hubs.li/Q02gTT170 #cloudsecurity #cloudforensics #cloudIR #threatresearch #threatintelligence #cloudincidentresponse
English
Continuing to follow this Rust botnet! A new #p2pinfect sample targeting MIPS
Cado@CadoSecurity
New discovery by Cado Security Labs. A new #P2Pinfect variant demonstrating increased targeting of Microprocessor without Interlocked Pipelined Stages (MIPS) including routers and IoT. Full analysis here: hubs.li/Q02bPzv70 #threatintelligence #threatresearch #cloudsecurity
English
Latest blog from us :D OracleIV - a dockerised DDoS botnet
cadosecurity.com/oracleiv-a-doc…
English