新的恶意软件可以规避和卸载云安全软件,研究人员警告说

发布时间:2021-10-12

  新的恶意软件压力可以规避和卸载云安全软件,研究人员警告说,好消息是:您的组织终于开始安装一些云安全工具。坏消息:恶意软件已经开发出来了,它可以逃避他们的检测。

  The nefarial discovery from threat actor roke was made by palo alto networks unit 42,with the security researchers noting that it was to the best of[their]knowledge the first malware family that developed the unique capability to target and remove cloud securiTY产品。

  The roke group was by cisco s threat intelligent group,talos,noting at the time it was an actor which must be followed as they continue to add new features to their malware and are activitive exploring new attack vectors.

  The malware mines monero cryptocurrency in impaired linux machines cryptojacking being refered by this publication as on the way to replacing ransomware as the maximum threat for consumers and enterprises.Apache Struts 2、Oracle Weblogic和Adobe ColdFusion中存在漏洞。一旦实现了这一点,并且建立了链接,恶意软件就会表现出各种行为,例如持久性、杀戮和阻止其他加密挖掘软件,最重要的是,卸载基于代理的云安全产品。

  The cloud security products tested were both china based,in the shape of alibaba threat detection service and tencenT云主机安全与研究人员担心,如果现在不采取措施,这一变种会更广泛地传播。

  Public Cloud Infrastructure is one of the main Targets for this CyberCrime Group,Unit 42 added.意识到现有的云监控和安全产品可能会检测到可能的恶意软件入侵,恶意软件作者继续创建新的规避技术,以避免被云安全产品检测到。

  The variant of the malware used by the roke group is an example that demonstrate the agent-based cloud security solution may n不足以防止针对公共云基础设施的规避恶意软件。

  You can read the full analysis

  interested in hearing industry leaders discus subjects like this and sharing their experience and use cases?参加即将在硅谷、伦敦和阿姆斯特丹举行的活动,了解更多。

  relevant stories

  >

  >

  james is editor in chief of techforge media,with a passion for how technologies influences business and some mobile world congress events under his belt.詹姆斯采访了他职业生涯中的许多重要人物,从前老板迈克尔·弗兰泽,到史蒂夫·沃兹尼亚克和让·米歇尔·贾尔。在@james_t ou bourne上可以找到james的tweeting。云技术促进了行业品牌、企业和分析师的行业思想领导力内容,与作者和博客合作,为我们的CIO和IT经理的广泛受众提供有关云IT战略的见解和建议。虚拟化战略、云应用程序和企业IT、私有和公共云、系统安全、云应用程序、CRM和云通信,云技术提供了最新的洞察力,使首席信息官能够就IT战略做出明智的决策。

  请遵循此链接了解我们的。

注册即送1000元现金券