New DNS vulnerabilities have the potential to impact millions of devices
New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)
As part of our initiative to improve security in the cloud-native landscape, I conducted a security audit of multiple Go libraries that Kubernetes is based on. In my research, I found CVE-2021-20291 in containers/storage that leads to a Denial of Service (DoS) of the container engines CRI-O and Podman when pulling a malicious image from a registry. Through this vulnerability, malicious actors could jeopardize any containerized infrastructure that relies on these vulnerable container engines, including Kubernetes and OpenShift. By Aviv Sasson I April 14, 2021
New Malware Downloader Spotted in Targeted Campaigns
Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware. By Jai Vijayan I April 12, 2021
Golden Chickens and New Spear-Phishing Campaign
Golden Chickens, a group of cybercriminals, has been recently discovered using spear-phishing attacks aimed at business professionals on LinkedIn, with fake job offers. In their attack, crooks deliver the fileless backdoor called more_eggs. The campaign was discovered by researchers at eSentire, who warned enterprises and individuals. By Cyware Alerts I April 13, 2021
| Download our latest Infographic Now! |
|
Sincerely, Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827 |
.png)
Get Social