Attack groups are increasingly focusing their attention on cloud platforms and services as common entry points for victim networks.
An attack group TeamTNT is using Weave Scope, an open source cloud monitoring and control tool to compromise Docker and Kubernetes instances as part of a cryptocurrency mining operation, security company Intezer said.
Google Cloud Confidential VMs, now in beta, allows customers to run workloads in the cloud on data that is encrypted while it's in use.
Attackers launched a massive distributed denial-of-service against a specific website hosted by a hosting provider in early June. Not only was the 1.44 terabit-per-second DDoS attack the largest Akamai has seen to date, it was also one of the most complex to resolve.
The number of servers vulnerable to the CVE-2020-11651 SaltStack flaw has dropped considerably, but several thousand are still unpatched.