New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis, & Confluence
Cado Security has revealed a newly encountered, emerging malware campaign targeting misconfigured servers running the following web-facing services: Apache Hadoop YARN, Docker, Confluence, and Redis.
Notably, the new research describes the exploitation of not just one but multiple services typically deployed in the cloud, deployment of Confluence, demonstrating a willingness to weaponize security research for nefarious purposes, and the use of the Platypus reverse shell to maintain access to the host.
You can read the research here.
This entry was posted on March 6, 2024 at 9:02 am and is filed under Commentary with tags Cado Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.