TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says. [TechWeb]( Follow Dark Reading: [RSS]( September 15, 2022 LATEST SECURITY NEWS & COMMENTARY [TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls]( Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says. [SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign]( Researchers link the APT to an attack on a Hong Kong university, which compromised multiple key servers using advanced Linux malware. [Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly]( Interactive intrusion campaigns jumped nearly 50%, while the breakout time between initial access and lateral movement shrank to less than 90 minutes, putting pressure on defenders to react quickly. [To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline]( With enough passion, intelligence, and effort, anyone can be a successful cybersecurity professional, regardless of education or background. [White House Guidance Recommends SBOMs for Federal Agencies]( New executive order stops short of mandating NIST's guidelines, but recommends SBOMs for federal agencies across government. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Attackers Can Compromise Most Cloud Data in Just 3 Steps]( An analysis of cloud services finds that known vulnerabilities typically open the door for attackers, while insecure cloud architectures allow them to gain access to the crown jewels. [Business Security Starts With Identity]( How identity-centric security can support business objectives. [Next-Gen Linux Malware Takes Over Devices With Unique Tool Set]( The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control. [MORE]( EDITORS' CHOICE [Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs]( In Microsoft's lightest Patch Tuesday update of the year so far, several security vulnerabilities stand out as must-patch, researchers warn. LATEST FROM THE EDGE [Federal Privacy Bill That Would Preempt State Privacy Laws Faces Uncertain Future]( The American Data Privacy and Protection Act would provide federal-level protections that don't exist in most states, but override existing, stronger state protections. LATEST FROM DR TECHNOLOGY [How to Use SSH Keys and 1Password to Sign Git Commits]( This Tech Tip walks through the steps to set up signed commits with SSH keys stored in 1Password. WEBINARS - [Managing Security In a Hybrid Cloud Environment]( The enterprise cloud environment is not homogenous - enterprises spread their workloads across private data centers and different public cloud providers. How do you manage security when the tools are all different? How do you enforce security controls consistently across ... - [Manage Your Unmanaged Cloud Attack Surface]( Have recent events forced your organization to accelerate your digital transformation projects? With IT, DevOps and security teams running at redline, attackers are constantly looking for configuration mistakes or vulnerabilities to exploit. While many security teams have worked to develop ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [6 Elements of a Solid IoT Security Strategy]( - [Eight Best Practices for a Data-Driven Approach to Cloud Migration]( - [Sumo Logic for Continuous Intelligence]( - [Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( [View More White Papers >>]( FEATURED REPORTS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [6 Elements of a Solid IoT Security Strategy]( - [Incorporating a Prevention Mindset into Threat Detection and Response]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Arcserve Independent Global Study Finds Businesses Still Losing Mission-Critical Company Data]( [Opus Security Emerges from Stealth with $10M in Funding for Cloud SecOps and Remediation Processes]( [Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Ransomware Resilience and Response: The Next-Generation]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)