Blueliv Intelligence Briefing

Your cybersecurity news summary

Tuesday,   August 18th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Cryptomining bot TeamTNT steals AWS credentials

The group would access the API and deploy servers inside the Docker install that would run DDoS and crypto-mining malware. According to researchers, the TeamTNT botnet is now targeting also misconfigured Kubernetes installations. The botnet operators have added a new feature that scans the underlying infected servers for any Amazon Web Services (AWS) credentials. The TeamTNT bot borrows the code from another worm tracked as Kinsing, which was spotted in April while targeting Docker clusters to deploy crypto-miners. Learn more >

Demo Free Trial MSSP