Defend forward, which we have written about in previous blog posts, could very well be the future of enterprise cybersecurity. It is a posture that seeks early understanding and warning of attacker activity instead of waiting for a breach to happen and then dealing with the consequences, and it’s the clearest way to prevent huge data losses and catch experienced attackers off guard.
Over 90% of cyber attacks begin with spear phishing. These highly targeted, often sophisticated campaigns can be difficult to recognize and even more difficult to protect against.
The Internet is plagued by automated systems that search for servers with weak credentials to infect with their malware. In this blog post, we will analyze a well-known piece of malware that has been active for years: Dota.
You may have seen our recent posts about how TeamTNT is abusing Docker daemons for mining Monero. In this blog post, we will describe another method we have observed that includes the use of malicious Docker images available at Docker Hub.
Last week, we published a blog post describing how TeamTNT created a Docker worm that was replicating itself in open Docker daemons. In that example, everything took place inside a Docker container.