The Docker team has pulled 17 Docker container images that have been backdoored and used to install reverse shells and cryptocurrency miners on users’ servers for the past year. The malicious Docker container images have been uploaded on Docker Hub, the official repository of ready-made Docker images that sysadmins can pull and use on their… Read More


According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the United States—including the media, aerospace, financial, and critical infrastructure sectors. According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using… Read More


Discovered by Kaspersky Lab researchers, this backdoor grants an attacker access to the device’s web panel, and there’s no way in which device owners can disable this secret account. To prevent abuse, Kaspersky researchers have refrained from disclosing the backdoor’s account username and password. The backdoor account (CVE-2018-6213) is just one of four vulnerabilities Kaspersky… Read More


Cisco released 16 security advisories yesterday, including alerts for three vulnerabilities rated ‘Critical’ and which received a maximum of 10 out of 10 on the CVSSv3 severity score. The three vulnerabilities include a backdoor account and two bypasses of the authentication system for Cisco Digital Network Architecture (DNA) Center. The Cisco DNA Center is a… Read More