In a newly observed malware campaign, threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign aims to deliver a cryptocurrency miner and establish a reverse shell for persistent remote access. The attackers utilize new Golang-based malware, which automates the discovery and compromise of these vulnerable hosts.