Blueliv Intelligence Briefing
Your cybersecurity news summary
Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.
Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.
Hackers use legitimate cloud monitoring tools to take over Docker, Kubernetes platforms
In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it. They used an opensource tool specifically created to monitor and control cloud environments with Docker and Kubernetes installations, thus reducing their footprint on the breached server. According to researchers, this may be the first time a legitimate third-party tool is abused to play the part of a backdoor in a cloud environment, also indicating the evolution of this particular group. Learn more >