Search Results
Results For:
AndroxGh0st – the python malware exploiting your AWS keys
Hackers may hijack AWS infrastructure for a number of reasons. However, the most common motives are to facilitate illicit cryptomining or spamming. While cryptomining… Read More
Lire la suiteWhat you need to know about the latest critical OpenSSL vulnerability
OpenSSL is an open source project that powers most of the security communications and cryptography on the internet. It’s one of those critical projects… Read More
Lire la suiteNew Lacework Cloud Threat Report reveals stealthier adversaries are focusing on infrastructure
If one word could sum up the observations of the Lacework Labs team over the past six months, it’s speed. Adversaries are adapting to become… Read More
Lire la suiteThreat detection and response tools are built on shaky foundations, leaving your cloud workloads at risk
Les agents chargés de la détection des failles de sécurité sont des outils puissants et efficaces conçus pour détecter les menaces pesant sur les workloads du cloud. Cependant, Lacework Labs a récemment repéré des vulnérabilités qui pourraient permettre... En savoir plus
Lire la suiteRecent trends in S3 targeting
A recent report by Thales revealed that almost half of all businesses have experienced a cloud-based data breach… Read More
Lire la suiteIdentifying detection opportunities in cryptojacking attacks
Cryptojacking/cryptomining (T1496) is a well-known threat to the security industry. While frequently dismissed as an annoyance rather than an actual security incident, cryptomining is… Read More
Lire la suiteKubernetes tools are helpful for your team and sadly, your attacker
Overview Defenders must constantly stay aware of the latest attacker trends to ensure their organizations’ assets are protected. In recent years, leveraging commonly found… Read More
Lire la suiteSecurity Advisory: CVE-2022-26134 RCE in multiple Atlassian products
Summary On Jun 2nd Lacework Labs was made aware of CVE-2022-26134, a critical unauthenticated remote code execution vulnerability within… Read More
Lire la suiteSecurity Advisory: Critical vulnerabilities in VMware
CVE(s) (if available): CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961, CVE-2022-22972, CVE-2022-22973 Summary In early April VMware released patches for remote code… Read More
Lire la suiteMalware targeting latest F5 vulnerability
On May 9th, 2022 a remote code execution vulnerability in F5’s Big IP suite of appliances under CVE-2022-1388. Per… Read More
Lire la suite