Mission Statement
Our ongoing mission is to monitor the constantly-shifting threat landscape, conducting security investigations and developing detection methods for the latest real-world cyberattacks.
We provide advanced security expertise for our customer’s security operations, including threat hunting and incident response. We also share our expertise with the wider community through Threat Research Reports in order to help you better understand, detect, and protect yourself against the latest real-world cyberattacks.
Latest in Securonix Threat Research
In recent months, we have been observing an increase in the number of automated attacks targeting exposed cloud infrastructure/Hadoop/YARN instances. Some of the attacks we have been seeing – for example, Moanacroner (a variant of Sustes) – are fairly trivial, targeted single-vector/single-platform attacks where the focus is mainly on cryptomining.
Some attacks, however, are multi-vector/multi-platform threats where multiple functionalities – including cryptomining, ransomware, and botnet/worms for both Linux and Windows – are combined as part of the same malicious threat (for example, XBash).
The Securonix Threat Research Team has been actively investigating and closely monitoring these persistent malicious attacks impacting exposed cloud infrastructure in order to help our customers prevent, detect, and mitigate/respond to the attacks. Inside is a summary of what we currently know, and our recommendations for possible mitigations and Securonix predictive indicators that can be used to detect such attacks.