Alibaba Cloud has recently detected Xulu, a mining botnet that deploys malicious containers by exploiting Docker's remote API unauthorized Access vulnerability.
This article provides an in-depth analysis of how Alibaba Cloud's Cloud Firewall addresses aggressive mining worms.
Watchbog, a cryptocurrency-mining botnet, has made a comeback by exploiting Jenkins CVE-2018-1000861 this time.
The Alibaba Cloud Security Team has recently traced a group of hackers that exploit website vulnerabilities for blackhat SEO promotion.
Alibaba Cloud Security team has recently detected a crypto-mining attack which uses the newly published Jenkins RCE vulnerability as its attack vector.
This article analyzes the Watchdogs mining worm and provides suggestions for emergency response and further prevention of similar large-scale intrusion events.
The post provides a detailed analysis of ProtonMiner, a new cryptocurrency miner hijacker discovered by Alibaba Cloud, and security recommendations to avoid it.
In this report, we analyze the current state of malicious cryptocurrency mining and provide security recommendations based on Alibaba Cloud's data from 2018.
Alibaba Cloud has detected a new type of cryptocurrency mining hijacker, RDPMiner, which spreads by launching brute-force attacks on the RDP service of Windows server port 3389.
Alibaba Cloud security team has detected new attacks based on the ThinkPHP vulnerability, in which botnets BuleHero and Sefa exploited hosts for various cybercrime purposes.
Alibaba Cloud establishes its presence in the global security market as its WAF product gains recognition by top research agencies, including Gartner and Frost & Sullivan.
Alibaba Cloud has detected DDoS and HTTP Flood attacks against global central bank websites and has suggested an appropriate response plan to cope with similar attacks.
The latest ThinkPHP v5 vulnerability has been discovered by Alibaba Cloud and can be blocked using an alert in Alibaba Cloud Threat Detection Service.
This article describes Alibaba Cloud Security's discovery of the web shell vulnerability in phpCMS 2008 content management system, still in use to manage many websites today.
In this article, we will look at a new QBot family variant discovered by Alibaba Cloud Security team, known as 'QBotVariant'.
The Alibaba Cloud Security team has discovered a novel attack, dubbed DockerKiller, on Docker services exposed to the web.
Alibaba Cloud security team detected the first batch mining attack exploiting the PROGRAM feature of PostgreSQL, an open source database popular in cloud deployments.
This article describes the discovery of the first "in-the-wild" Spark Rest API Remote Code Execution (RCE) vulnerability made by Fengwei Zhang and the team at Alibaba Cloud Security on July 7, 2018.