#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Alibaba Cloud | Breaking Cybersecurity News | The Hacker News

Category — Alibaba Cloud
Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud

Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud

Apr 22, 2022
LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. "It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses," CrowdStrike  said  in a new report. "It evades detection by targeting Alibaba Cloud's monitoring service and disabling it." Known to strike both Windows and Linux environments, LemonDuck is primarily engineered for abusing the system resources to mine Monero. But it's also capable of credential theft, lateral movement, and facilitating the deployment of additional payloads for follow-on activities. "It uses a wide range of spreading mechanisms — phishing emails, exploits, USB devices, brute force, among others — and it has shown that it can quickly take advantage of news, events, or the release of new exploits to run effective campaigns," Microsoft  detailed  in a technical write-up of the ma
China suspends deal with Alibaba for not sharing Log4j 0-day first with the government

China suspends deal with Alibaba for not sharing Log4j 0-day first with the government

Dec 22, 2021
China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has temporarily suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months on account of the fact that it failed to promptly inform the government about a critical security vulnerability affecting the broadly used Log4j logging library. The development was disclosed by  Reuters  and  South China Morning Post , citing a report from 21st Century Business Herald, a Chinese business-news daily newspaper. "Alibaba Cloud did not immediately report vulnerabilities in the popular, open-source logging framework Apache Log4j2 to China's telecommunications regulator," Reuters said. "In response, MIIT suspended a cooperative partnership with the cloud unit regarding cybersecurity threats and information-sharing platforms." Tracked as  CVE-2021-44228  (CVSS score: 10.0) and codenamed  Log4Shell  or LogJam, the cat
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
Expert Insights / Articles Videos
Cybersecurity Resources