CrowdStrike has discovered the first-ever Dero cryptojacking operation targeting Kubernetes infrastructure. Dero is a relatively new and privacy-focused cryptocurrency that uses directed acyclic graph (DAG) technology to claim complete anonymity of its transactions. The combination of anonymity and the higher rewards ratio makes it potentially lucrative to cryptojacking groups compared to Monero, which is commonly used cryptocurrency by attackers or groups running miner operations.
The first step in Anti-Money Laundering (AML) due diligence is to Know Your Customer (KYC). A financial institution (FI) promptly implements KYC processes to identify and confirm a new customer’s identification. These procedures enable FIs to evaluate the risk profile of a customer based on that person’s propensity for financial crime. KYC is a procedure that cryptocurrency exchanges are required to follow.
A Rootkit is a malicious program composed of malware that is created to provide prolonged root-level or privileged-level access to a computer. It remains hidden in the computer system while maintaining control of the system remotely. Rootkits have the ability to steal data, eavesdrop, change system configurations, create permanent backdoors, deactivate other security defensive programs, and conceal other types of malware.
The world of security advisories is disjointed, with disparate systems holding critical documentation in various formats. To make matters more challenging, despite living in a digital-first era, most of these documents are not legible for machines and must be parsed, reviewed, or referenced by humans.
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
Trustwave and Trellix have entered a strategic partnership that will see the two premier cybersecurity companies deliver best-in-class Managed Detection and Response (MDR) solutions to enterprise-class organizations. The partnership will begin with Trustwave's innovative MDR services on Trellix EDR products, which will result in these clients receiving unrivaled threat visibility and the ability to detect and respond to threats faster and more precisely.
