×

Alibaba Cloud Security

850 Reputation

Follow
Activities(21) Posts(21) Series(0) Areas of Expertise Following Followers

Alibaba Cloud Security Posted blog

Alibaba Cloud Offers FIPS Validated HSM for Crypto Key Security

Alibaba Cloud has announced the beta release of Managed HSM, a cloud-managed hardware security module to protect your most sensitive workloads and assets.

Alibaba Cloud Security Posted blog

8220 Mining Group Now Uses Rootkit to Hide Its Miners

The Alibaba Cloud Security Team has recently discovered that the 8220 Mining Group began using rootkit to hide its mining programs.

Alibaba Cloud Security Posted blog

A New Trend of DDoS Attacks: Mobile Devices Are Becoming a New Generation of Botnets

This article analyzes the characteristic features of a new trend of DDoS attacks launched by mobile botnets.

Alibaba Cloud Security Posted blog

Xulu: Cryptojacking Leveraging Shodan, Tor, and Malicious Docker Container

Alibaba Cloud has recently detected Xulu, a mining botnet that deploys malicious containers by exploiting Docker's remote API unauthorized Access vulnerability.

Alibaba Cloud Security Posted blog

Deep Dive into Cloud Firewall: Addressing Aggressive Mining Worms

This article provides an in-depth analysis of how Alibaba Cloud's Cloud Firewall addresses aggressive mining worms.

Alibaba Cloud Security Posted blog

Return of Watchbog: Exploiting Jenkins CVE-2018-1000861

Watchbog, a cryptocurrency-mining botnet, has made a comeback by exploiting Jenkins CVE-2018-1000861 this time.

Alibaba Cloud Security Posted blog

ThinkphpDD: An In-Depth Analysis of Blackhat SEO Techniques

The Alibaba Cloud Security Team has recently traced a group of hackers that exploit website vulnerabilities for blackhat SEO promotion.

Alibaba Cloud Security Posted blog

ImposterMiner Trojan Takes Advantage of Newly Published Jenkins RCE Vulnerability

Alibaba Cloud Security team has recently detected a crypto-mining attack which uses the newly published Jenkins RCE vulnerability as its attack vector.

Alibaba Cloud Security Posted blog

Countrywide Spread of Database-Cracking Watchdogs Mining Worm: Issues and Countermeasures

This article analyzes the Watchdogs mining worm and provides suggestions for emergency response and further prevention of similar large-scale intrusion events.

Alibaba Cloud Security Posted blog

ProtonMiner Gains Momentum via Expanded Attack Surface

The post provides a detailed analysis of ProtonMiner, a new cryptocurrency miner hijacker discovered by Alibaba Cloud, and security recommendations to avoid it.

Alibaba Cloud Security Posted blog

Alibaba Cloud Security: 2018 Cryptocurrency Mining Hijacker Report

In this report, we analyze the current state of malicious cryptocurrency mining and provide security recommendations based on Alibaba Cloud's data from 2018.

Alibaba Cloud Security Posted blog

New Miner Hijacker RDPMiner Adds Malicious Accounts to Victimized Hosts

Alibaba Cloud has detected a new type of cryptocurrency mining hijacker, RDPMiner, which spreads by launching brute-force attacks on the RDP service of Windows server port 3389.

Alibaba Cloud Security Posted blog

Threat Alert: Multiple Cryptocurrency Miner Botnets Start to Exploit the New ThinkPHP Vulnerability

Alibaba Cloud security team has detected new attacks based on the ThinkPHP vulnerability, in which botnets BuleHero and Sefa exploited hosts for various cybercrime purposes.

Alibaba Cloud Security Posted blog

Alibaba Cloud Web Application Firewall Endorsed by Top Research Agencies

Alibaba Cloud establishes its presence in the global security market as its WAF product gains recognition by top research agencies, including Gartner and Frost & Sullivan.

Alibaba Cloud Security Posted blog

Alibaba Cloud Offers a Security Emergency Response Plan for Global Bank Websites Targeted by Hackers

Alibaba Cloud has detected DDoS and HTTP Flood attacks against global central bank websites and has suggested an appropriate response plan to cope with similar attacks.

Alibaba Cloud Security Posted blog

Alibaba Cloud Discovers the Latest ThinkPHP v5 Vulnerability

The latest ThinkPHP v5 vulnerability has been discovered by Alibaba Cloud and can be blocked using an alert in Alibaba Cloud Threat Detection Service.

Alibaba Cloud Security Posted blog

New Vulnerability Found in the Decade-Old phpCMS 2008 Can Lead to Fresh WebShell Attacks

This article describes Alibaba Cloud Security's discovery of the web shell vulnerability in phpCMS 2008 content management system, still in use to manage many websites today.

Alibaba Cloud Security Posted blog

The Qakbot Family Extends: Introducing a New QBot Variant

In this article, we will look at a new QBot family variant discovered by Alibaba Cloud Security team, known as 'QBotVariant'.

Alibaba Cloud Security Posted blog

DockerKiller Threat Analysis: First Instance of Batch Attack and Exploitation of Docker Services

The Alibaba Cloud Security team has discovered a novel attack, dubbed DockerKiller, on Docker services exposed to the web.

Alibaba Cloud Security Posted blog

Is Your PostgreSQL Server Secretly Mining Digital Coins?

Alibaba Cloud security team detected the first batch mining attack exploiting the PROGRAM feature of PostgreSQL, an open source database popular in cloud deployments.

Latest Comments
No series yet.