Blog

ELF of the Month_ Latest Lucky Ransomware Sample

ELF of the Month: New Lucky Ransomware Sample

Photo by Kiki Wang on Unsplash News broke in late November 2018 about a ransomware variant dubbed Lucky Ransomware that targets both Linux and Windows platforms. A recent sample of the ransomware module was uploaded to VirusTotal in mid-December 2018 with some different characteristics than previously reported samples. In this month’s edition of ELF of the […]

Read More…

Kubernetes CVE-2018-1002105

On December 3rd a critical Kubernetes vulnerability was announced under CVE-2018-1002105. This vulnerability scored a 9.8 out 10 on the Common Vulnerability Scoring System (CVSS). The vulnerability stems from an issue with Kubernetes API Server (kube-apiserver) handling proxy requests when upgrading to WebSockets. The vulnerability ultimately can allow authenticated and unauthenticated users to make API […]

Read More…

Securing Innovation in the Public Cloud

Securing Innovation in the Public Cloud

Photo by Clayton Holmes on Unsplash I recently attended the Colorado CSA Fall Summit and wanted to share some insights and themes from the conference. The CSA summit included presentations on all things cloud security. On the technical side there were talks on DevSecOps, cloud pen testing, AWS encryption, cryptocurrency, and container security. One of […]

Read More…

Anatomy of a Redis Exploit

Anatomy of a Redis Exploit

Photo by Sonja Langford on Unsplash At Lacework Labs we have been setting up honeypots as part of our ongoing research into securing public cloud infrastructure. Recently we noticed one of our Redis honeypots was compromised. We were running a stock version of Redis which allowed inbound connections. During our monitoring, a cryptocurrency mining botnet […]

Read More…