#CredentialStealer

400,000 Linux Servers Hit by Ebury Botnet 

by

May 15, 2024 at 08:00AM The Ebury Linux botnet, active since 2009, has continued to grow, with over 100,000 infected systems in 2023, and it has impacted over 400,000 hosts. ESET reports that the operators are highly active, using various tactics to compromise and exploit servers, including targeting Tor exit nodes and cryptocurrency wallets. Key … Read more

‘Commando Cat’ Is Second Campaign of the Year Targeting Docker

by

February 1, 2024 at 05:30PM Cado researchers discovered “Commando Cat,” a malware campaign targeting exposed Docker API endpoints. This cryptojacking campaign, the second to target Docker, uses the service to mount the host’s filesystem and run various payloads. There are indications of an overlap with other threat groups, suggesting a potential connection. The campaign is … Read more