12 matches found
Tracking TeamPCP: Investigating Post-Compromise Attacks Seen in the Wild
How TeamPCP are leveraging stolen secrets from the recent supply chain attacks to compromise cloud environments...
Crimson Collective: A New Threat Group Observed Operating in the Cloud
Introduction: Over the past few weeks, Rapid7 has observed increased activity of a new threat group attacking AWS cloud environments with the goal of data exfiltration and subsequent extortion of the victim. This threat group refers to itself as ‘Crimson Collective’ and has recently announced that...
The insider’s guide to Black Hat 2025
Cut through 100+ talks to find what matters: AI vulnerabilities, cloud attacks, and where to grab drinks...
Cloud Attacks Retrospective: Evolving Tactics, Familiar Entry Points
Let's break down eight attack patterns security teams should be watching in 2025...
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third parties. "The group is currently targeting exposed Docker daemons to deploy Sliver...
Uncovering Hybrid Cloud Attacks Part 3 – The Response
In the final section of this blog series on uncovering complex hybrid cloud attacks, we’ll share key elements of the response to the real-world sophisticated cloud attack outlined in Part 2...
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks." A Python-based malware, AndroxGh0st was fir...
Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents
The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities...
CISA Ransomware report warns “triple threat” attacks still on the prowl
Though we may be stuck with endless COVID-19 scams and a gradual visible rise in all manner of cryptocurrency hijinks, the old school attacks are as perilous as ever; CISA, the Cybersecurity & Infrastructure Security Agency, have released their 2021 report detailing the increasing globalised thre...
Stay ahead of multi-cloud attacks with Azure Security Center
The COVID-19 crisis has challenged just about every business on the planet to quickly adapt and transform. With massive workforces now remote, IT administrators and security professionals are under increased pressure to keep these workers connected and productive while combating evolving threats,...
Verizon Data Breach Report: Espionage, C-Suite and Cloud Attacks on the Rise
Corporate espionage is on the rise as a motivation for cyberattacks, with a full quarter of all network compromises associated with reconnaissance and data exfiltration in the last 12 months. However, financially motivated attacks aren’t going anywhere; social-engineering attacks aimed at stealin...
Part 2: All rise! Mind these digital crimes and arm your business against them
In the first installment of this two-part series, we advised consumers to stay on top of a selection of up-and-coming crimes to significantly lessen the chances of encountering them in the future. For this post, we're going to look into digital crimes that keep small businesses and large...