Research & Threat Intel

Research & Threat Intel
December 14, 2022

Quick Update on Recent Denonia Samples

Back in April 2022, Cado discovered a suspicious ELF binary that utilized DNS over HTTPS, binary padding and in-memory execution...
Read More
Cloud Investigations, Free Resources
November 16, 2022

WatchDog Continues to Target East Asian CSPs

Introduction Researchers at Cado Labs have recently discovered the re-emergence of the threat actor WatchDog. As regular...
Read More
Cloud Investigations, Free Resources
October 7, 2022

AWS Lambda Incident Response

Organisations – both large and small – are increasingly leveraging Lambda serverless functions. From a business agility...
Read More
Cloud Investigations, Research & Threat Intel
September 8, 2022

Attacking the Cloud: cloud-init as a persistence mechanism

This is the first in a new series of articles from Cado Labs focusing on offensive techniques in the cloud. For this entry,...
Read More
Cloud Investigations, Research & Threat Intel
June 2, 2022

Tales From the Honeypot: WatchDog Evolves With a New Multi-Stage Cryptojacking Attack

Summary Introduction Cado Labs regularly analyses attacks targeting services running within our honeypot infrastructure....
Read More
Cloud Investigations, Research & Threat Intel
May 18, 2022

Linux Attack Techniques: Dynamic Linker Hijacking with LD Preload

Introduction Linux has long dominated the server computing landscape, and the rapid adoption of cloud technologies by organisations...
Read More
Research & Threat Intel
April 6, 2022

Cado Discovers Denonia: The First Malware Specifically Targeting Lambda

By Matt Muir, with thanks to Chris Doman, Al Carchrie and Paul Scott. Organisations – both large and small – are increasingly...
Read More
Research & Threat Intel
February 2, 2022

CoinStomp Malware Family Targets Asian Cloud Service Providers

Newly Discovered Malware Employs Anti-forensics & Anti-hardening Techniques Introduction Researchers at Cado Security...
Read More
Cloud DFIR, Research & Threat Intel
January 20, 2022

Fallout from Log4Shell-related Vietnamese Cryptocurrency Exchange Attack: KYC Data for Sale on Dark Web

Introduction Since its discovery at the end of 2021, Log4Shell – a zero-day vulnerability affecting Apache’s Log4j...
Read More
Research & Threat Intel
January 10, 2022

Abcbot - An Evolution of Xanthe

Overview Abcbot, the emerging botnet that we recently analyzed and reported on, has a longer history than we first thought....
Read More

Cado Security is the provider of the first cloud forensics and incident response platform. By leveraging the scale and speed of the cloud, the Cado platform automates forensic-level data capture and processing across cloud, container, and serverless environments. Only Cado empowers security teams to respond at cloud speed.

Free Trial Demo

© Copyright 2023 Cado Security

Sitemap | Privacy Policy