March 6, 2024 at 11:27AM Cado Security warns of a cryptojacking campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances with unique Golang payloads. Attackers use reverse shells, rootkits, and various scripts to exploit vulnerabilities. The extensive attack demonstrates the variety of techniques used to exploit cloud and Linux services, as well as keeping … Read more
February 6, 2024 at 10:10AM Three new security vulnerabilities have been identified in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services, enabling privilege escalation and denial-of-service attacks. Specific flaws include XML External Entity Injection Elevation of Privilege and Java Database Connectivity Injection Elevation of Privilege. Microsoft has released fixes following responsible disclosure. Orca previously found … Read more
January 12, 2024 at 03:09AM Cybersecurity researchers have discovered a new attack using misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners and conceal them with rootkits. The attackers exploit flaws to run remote code on targeted systems and hide mining processes. Mitigations include deploying agent-based security solutions to detect and prevent such attacks. … Read more