article thumbnail

Aqua Nautilus Discovers Redigo — New Redis Backdoor Malware

Aqua Security

Aqua Nautilus discovered new Go based malware that targets Redis servers. Our investigation revealed new undetected malware written in Golang designed to target Redis servers to allow the attacking server to dominate the compromised machine. Therefore, the malware received the name Redigo.

Malware 138
article thumbnail

AndroxGhost – the python malware exploiting your AWS keys


And the majority of this activity has been linked to the same python malware dubbed AndroxGh0st with at least one incident tied to an actor known as Xcatze. For AWS specifically, the malware scans for and parses AWS keys but also has the ability to generate keys for brute force attacks. AndroxGh0st options.

Malware 145

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Kinsing Malware Exploits Novel Openfire Vulnerability

Aqua Security

Aqua Nautilus discovered a new campaign that exploits the Openfire vulnerability (CVE-2023-32315), that was disclosed in May of this year, to deploy Kinsing malware and a cryptominer. This vulnerability leads to a path traversal attack, which grants an unauthenticated user access to the Openfire setup environment.

Malware 85
article thumbnail

Agentless Workload Scanning Gets Supercharged with Malware Scanning

Prisma Clud

Using WildFire in 2021 to analyze malicious files, our threat research team discovered a 73% increase in Cobalt Strike malware samples compared to 2020. The speed, volume and sophistication of modern malware attacks has made them more difficult to detect.

Malware 76
article thumbnail

Detecting eBPF Malware with Tracee

Aqua Security

Lately, we have seen a rise in the number of eBPF based tools used for malicious goals such as rootkits ( ebpfkit, TripleCross ) and malwares ( pamspy ). It is widely used by many security tools for monitoring kernel activity to detect and protect organizations.

Malware 66
article thumbnail

Bumblebee Malware Distributed Via Trojanized Installer Downloads


Type: Blogs Bumblebee Malware Distributed Via Trojanized Installer Downloads Restricting the download and execution of third-party software is critically important. Learn how CTU™ researchers observed Bumblebee malware distributed via trojanized installers for popular software such as Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace.

Malware 91
article thumbnail

Intro to Fileless Malware in Containers

Aqua Security

In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected.

Malware 111