Labs Archives Lacework

Search Results

Results For:
Blog

Log4j Today: Preparing for Tomorrow

Greg Foss, Lacework Labs. The holiday season is never complete without a significant security event unfolding as the year comes to an end.

Blog

Log4j Attacks – A One-Week Review

Key Takeaways: Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046) are being exploited by opportunistic attackers. Evasion techniques are being employed to subvert detection. Overview: A week…

Blog

Lacework Labs Identifies Log4J Attacks

Key Takeaways: CVE-2021-44228 is being adopted by opportunistic attackers. Mirai and Kinsing are being distributed via this attack vector. Overview: Lacework Labs is constantly…

Blog

HCRootkit / Sutersu Linux Rootkit Analysis

Jared Stroud, Tom Hegel, Cloud Security Researchers – Lacework Labs. Key Points: Lacework Labs identified new samples and…

Blog

Threats in Plain Sight That Take Advantage of Missing Kubernetes Audit Policies

Jared Stroud, Cloud Security Researcher – Lacework Labs. Key Points: Kubernetes Audit Policies are critical for cluster-level visibility.

Blog

Threat Hunting SSH Keys – Bash Script Feature – Pivoting

Tom Hegel, Cloud Security Researcher – Lacework Labs. Malicious actors often add SSH keys to victim hosts for persistence (…

Blog

Hacking Like It's 1999 – Automating Like It's 2021

Jared Stroud, Cloud Security Researcher – Lacework Labs. The Takeaways: Lacework Labs is releasing a Ghidra script to…

Blog

Keksec & Tsunami-Ryuk

Chris Hall, Cloud Security Researcher – Lacework Labs. Key Takeaways: Keksec is now leveraging a new Tsunami DDoS malware dubbed “Ryuk”…

Blog

Taking TeamTNT's Docker Images Offline

Jared Stroud, Cloud Security Researcher – Lacework Labs. The Takeaways: TeamTNT targets exposed Docker API to deploy malicious images.

Blog

Sysrv-Hello Expands Infrastructure

Chris Hall and Jared Stroud, Cloud Security Researchers, Lacework Labs. Sysrv-hello is a multi-architecture Cryptojacking (T1496) botnet that first…
