Hackers use legitimate cloud monitoring tools to take over Docker, Kubernetes platforms

Wednesday, September 9th, 2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Cyber Threats

Intelligence Briefing

Hackers use legitimate cloud monitoring tools to take over Docker, Kubernetes platforms

In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it. They used an opensource tool specifically created to monitor and control cloud environments with Docker and Kubernetes installations, thus reducing their footprint on the breached server. According to researchers, this may be the first time a legitimate third-party tool is abused to play the part of a backdoor in a cloud environment, also indicating the evolution of this particular group. Learn more >

Blueliv Intelligence Briefing

Your cybersecurity news summary

Cyber Threats

Intelligence Briefing

Blueliv Intelligence Briefing

Your cybersecurity news summary

Cyber Threats Intelligence Briefing

Cyber Threats

Intelligence Briefing