Collaborate Disseminate
A new report from RedLock offers a look at the threats and vulnerabilities that continue to mount in public cloud computing environments. Account compromises keep rising Poor user and API access hygiene, combined with ineffective visibility and user ac… Continue reading Even with cloud providers implementing defenses, glaring weaknesses remain
The latest cryptojacking scheme targeted the car manufacturer. Continue reading Hackers Infiltrated Tesla to Mine Cryptocurrency
Tesla appears to be the latest prominent victim of a malicious cryptomining scheme. Cloud security company RedLock reported on Tuesday that hackers found exposed elements of the electric car company’s cloud environment, giving them access to both sensitive company data and computing power that they used to mine cryptocurrency. According to RedLock, the hackers infiltrated an unprotected Kubernetes console, a tool used to automate the way a user deploys containerized apps. The hackers performed the cryptomining from within the Kubernetes console, employing what the RedLock describes as “sophisticated evasion techniques” that made their activity difficult to detect compared to other cryptomining. Unlike with other cryptomining ploys, RedLock says, the hackers didn’t use well-known mining software, such as Coinhive. Rather, they took other code and tweaked the script to connect to an unlisted endpoint. RedLock says this made it difficult for standard threat intelligence indicators to detect the activity. The hackers also […]
The post Tesla falls victim to cryptomining scheme, minor breach appeared first on Cyberscoop.
Continue reading Tesla falls victim to cryptomining scheme, minor breach