Research & Threat Intel

September 8, 2022
This is the first in a new series of articles from Cado Labs focusing on offensive techniques in the cloud. For this entry,...
June 2, 2022
Summary: Cado Labs’ honeypot infrastructure was recently compromised by a complex and multi-stage cryptojacking attack. Although...
May 18, 2022
Introduction: Linux has long dominated the server computing landscape, and the rapid adoption of cloud technologies by organisations...
April 6, 2022
By Matt Muir, with thanks to Chris Doman, Al Carchrie and Paul Scott. Organisations – both large and small – are increasingly...
February 2, 2022
Newly Discovered Malware Employs Anti-forensics & Anti-hardening Techniques. Introduction: Researchers at Cado Security...
January 20, 2022
Introduction: Since its discovery at the end of 2021, Log4Shell – a zero-day vulnerability affecting Apache’s Log4j...
January 10, 2022
Overview: Abcbot, the emerging botnet that we recently analyzed and reported on, has a longer history than we first thought....
December 21, 2021
A new version of a malicious shell script targeting insecure cloud instances running under Cloud Service Providers such as...
December 14, 2021
By Matt Muir. Overview: As previously reported, a recently-discovered critical vulnerability (CVE-2021-44228) in Apache’s...
December 13, 2021
Introduction: Log4J is an open-source logging platform running on Java and built into many web platforms. Public reports...