The Cado Blog

Read timely commentary on the latest in digital forensics from the Cado Security team.

November 9, 2021

Cloud Malware Proliferation?

Recently VX Underground released a toolset they report is from the Conti and BlackMatter ransomware gang: As TeamTNT themselves...
November 8, 2021

Cado Security Partners with SentinelOne to Deliver Cloud-Native Digital Forensics 

We’re thrilled to announce our partnership with SentinelOne to help organizations investigate and respond to incidents...
October 28, 2021

Automate Incident Response with the new Tines and Cado Response Integration

Today we’re happy to release the Cado Response actions for Tines. This integration enables security teams to automate many...
October 23, 2021

Links to Previous Attacks in UAParserJS Compromise

A very popular npm library called UAParser was compromised this week. The author of the library, Faisal Salman, said: “I...
September 17, 2021

Azure OMI Vulnerability OMIGOD (CVE-2021-38647) Now Under Exploitation

Azure users running Linux virtual machines are at risk of compromise unless they upgrade now. A vulnerable piece of management...
September 16, 2021

The Ultimate Guide to Docker & Kubernetes Forensics

Introduction: As organizations continue to migrate their computing resources to cloud and container environments, attackers...
September 14, 2021

TeamTNT Script Employed to Grab AWS Credentials

A TeamTNT script has been employed to target a Confluence vulnerability that grabs AWS credentials including those from ECS. ...
September 9, 2021

Quick Recap: Azurescape

As you may have seen today, Palo Alto published a brilliant technical report: Finding Azurescape – Cross-Account Container...
September 7, 2021

Your Questions Answered: Cloud & Kubernetes Memory Forensics

Last week, James Campbell, Cado Security’s Co-Founder and CEO, and Al Carchrie, Digital Forensics Solutions Engineer, hosted...