Research & Threat Intel

Research & Threat Intel
May 24, 2023

Updates to Legion: A Cloud Credential Harvester and SMTP Hijacker

Cado Labs recently discovered and reported on an emerging cloud-focused hacktool, designed to harvest credentials from misconfigured...
Read More
Cloud Investigations, Research & Threat Intel
April 13, 2023

Legion: an AWS Credential Harvester and SMTP Hijacker

Cado Labs researchers recently encountered an emerging Python-based credential harvester and hacktool, named Legion, aimed...
Read More
Previously Undiscovered TeamTNT Payload Recently Surfaced by Cado Security
Research & Threat Intel
March 16, 2023

Previously Undiscovered TeamTNT Payload Recently Surfaced

Introduction Sysdig’s threat research team recently reported on a fascinating client engagement they conducted, in response...
Read More
Many of the cloud-focused malware campaigns analysed by Cado Labs rely on shell scripts, especially cryptojacking campaigns.
Research & Threat Intel
March 2, 2023

Redis Miner Leverages Command Line File Hosting Service

Cado Labs researchers recently discovered a novel cryptojacking campaign targeting insecure deployments of Redis. Underpinning...
Read More
Research & Threat Intel
January 25, 2023

Leopard Tank Announcement Prompts Cyber Retaliation

Cado Labs researchers have discovered evidence of retaliation from Russian cyber threat groups, in response to yesterday’s...
Read More
Cloud Investigations, Research & Threat Intel
December 21, 2022

Kiss-a-Dog Discovered Utilizing a 20-Year-Old Process Hider

Introduction Researchers at Crowdstrike recently discovered a novel cryptojacking campaign, targeting Docker and Kubernetes,...
Read More
Research & Threat Intel
December 14, 2022

Quick Update on Recent Denonia Samples

Back in April 2022, Cado discovered a suspicious ELF binary that utilized DNS over HTTPS, binary padding and in-memory execution...
Read More
Cloud Investigations, Free Resources
November 16, 2022

WatchDog Continues to Target East Asian CSPs

Introduction Researchers at Cado Labs have recently discovered the re-emergence of the threat actor WatchDog. As regular...
Read More
Cloud Investigations, Free Resources
October 7, 2022

AWS Lambda Incident Response

Organisations – both large and small – are increasingly leveraging Lambda serverless functions. From a business agility...
Read More
Cloud Investigations, Research & Threat Intel
September 8, 2022

Attacking the Cloud: cloud-init as a persistence mechanism

This is the first in a new series of articles from Cado Labs focusing on offensive techniques in the cloud. For this entry,...
Read More

Cado Security is the provider of the first cloud forensics and incident response platform. By leveraging the scale and speed of the cloud, the Cado platform automates forensic-level data capture and processing across cloud, container, and serverless environments. Only Cado empowers security teams to respond at cloud speed.

Free Trial Demo

© Copyright 2022 Cado Security

Sitemap | Privacy Policy