Labs Archives Lacework

Blog

Log4j Today – and What the Future Holds

Greg Foss, Lacework Labs. The holiday season is never complete without a significant security event unfolding as the year comes to an end.

Blog

Log4j Attacks – A Week in Review

Key Takeaways: Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046) are being exploited by opportunistic attackers. Evasion techniques are being employed to subvert detection. Overview: A week…

Blog

Lacework Labs Identifies Log4J Attacks

Key Takeaways: CVE-2021-44228 is being adopted by opportunistic attackers. Mirai and Kinsing are being distributed via this attack vector. Overview: Lacework Labs is constantly…

Blog

HCRootkit / Sutersu Linux Rootkit Analysis

Jared Stroud, Tom Hegel, Cloud Security Researchers – Lacework Labs. Key Points: Lacework Labs identified new samples and…

Blog

Visible Threats Exploiting the Absence of Kubernetes Audit Policies

Jared Stroud, Cloud Security Researcher – Lacework Labs. Key Points: Kubernetes Audit Policies are critical for cluster-level visibility.

Blog

SSH Keys for Threat Tracking – Pivoting from Bash Script Features

Tom Hegel, Cloud Security Researcher – Lacework Labs. Malicious actors often add SSH keys to victim hosts for persistence (…

Blog

Hacking Like It's 1999 – Automating Analysis Like It's 2021

Jared Stroud, Cloud Security Researcher – Lacework Labs. The Takeaways: Lacework Labs is releasing a Ghidra script to…

Blog

Keksec & Tsunami-Ryuk

Chris Hall, Cloud Security Researcher – Lacework Labs. Key Takeaways: Keksec is now leveraging a new Tsunami DDoS malware dubbed “Ryuk”…

Blog

Taking TeamTNT's Docker Images Offline

Jared Stroud, Cloud Security Researcher – Lacework Labs. The Takeaways: TeamTNT targets exposed Docker API to deploy malicious images.

Blog

Sysrv-Hello Expands Infrastructure

Chris Hall and Jared Stroud, Cloud Security Researchers, Lacework Labs. Sysrv-hello is a multi-architecture Cryptojacking (T1496) botnet that first…
