Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware.
Follow Dark Reading:
 May 06, 2022
LATEST SECURITY NEWS & COMMENTARY
Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks
Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware.
Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials
The same attack that allowed a threat actor to steal data from private Heroku GitHub repositories also resulted in the compromise of customer credentials, the company now says.
Critical Cisco VM-Escape Bug Threatens Host Takeover
The vendor also disclosed two other security vulnerabilities that would allow remote, unauthenticated attackers to inject commands as root and snoop on sensitive user information.
1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
Why Security Matters Even More in Online Gaming
As the gaming sector booms, game publishers and gaming networks have been heavily targeted with distributed denial-of-service (DDoS) attacks in the last year.
NIST Issues Guidance for Addressing Software Supply-Chain Risk
Amid ongoing software supply-chain jitters, the US' top tech division is offering a finalized, comprehensive cybersecurity control framework for managing risk.
FBI: Bank Losses From BEC Attacks Top $43B
Law enforcement attributes a recent 65% spike in BEC attack losses to COVID-19 restrictions and the ongoing reality of a remote workforce.
A Third of Americans Use Easy-to-Guess Pet Passwords
Far too many turn to Jingles, Mittens, or Bella for password inspiration, given that these are some of the easiest passwords to crack.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
What Star Wars Teaches Us About Threats
The venerable film franchise shows us how to take threats in STRIDE.

Security Stuff Happens: What Will the Public Hear When You Say You've Been Breached?
A company's response to a breach is more important than almost anything else. But what constitutes a "good" response following a security incident? (Part 2 of a series.)

How to Create a Cybersecurity Mentorship Program
As the talent shortage rages on, companies have found mentorship programs to be one of the best ways to obtain the security skills they need to develop their existing teams.

MORE
EDITORS' CHOICE

China-Backed Winnti APT Siphons Reams of US Trade Secrets in Sprawling Cyber-Espionage Attack
Operation CuckooBees uncovered the state-sponsored group's sophisticated new tactics in a years-long campaign that hit more than 30 tech and manufacturing companies.
LATEST FROM THE EDGE

Name That Edge Toon: Flower Power
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

Microsoft, Apple, and Google Promise to Expand Passwordless Features
The passwordless future just became closer to reality, as Microsoft, Apple, and Google pledged to make passwordless possible across operating systems and browsers.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Building an Effective Active Directory Security Strategy

    For cyber criminals, Microsoft's Active Directory is a treasure trove of user identity and system access. But while Active Directory is a potential attack vector, it can also play a crucial role in enterprise cyber defenses. In this webinar, experts ...

  • Building and Maintaining an Effective IoT Cybersecurity Strategy

    The Internet of Things (IoT) is much bigger than appliances in business contexts, as tools and non-computer devices are increasingly connected to the Internet. And attackers are taking advantage of these Internet-enabled technologies to target corporate data and systems. How ...
MORE WEBINARS
FEATURED REPORTS
  • Practical Network Security Approaches for a Multicloud, Hybrid IT World

    The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network

  • State of the Cloud: A Security Perspective

    Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ...
MORE REPORTS
CURRENT ISSUE

Practical Network Security Approaches for a Multicloud, Hybrid IT World
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies
Cisco Announces Cloud Controls Framework Is Now Available to Public
AutoRABIT Secures $26M in Series B Investment from Full In Partners to Expand DevSecOps Platform
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |   Informa Tech  |   Privacy Statement  |   Terms & Conditions  |  Contact Us