45 min listen
AMBERSQUID hides in the depths. [Research Saturday]
FromCyberWire Daily
ratings:
Length:
18 minutes
Released:
Oct 21, 2023
Format:
Podcast episode
Description
Sysdig's Alessandro Brucato and Michael Clark join Dave to discuss their work on "AWS's Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation." Attackers are targeting what are typically considered secure AWS services, like AWS Fargate and Amazon SageMaker. This means that defenders generally aren’t as concerned with their security from end-to-end.
The research states "The AMBERSQUID operation was able to exploit cloud services without triggering the AWS requirement for approval of more resources, as would be the case if they only spammed EC2 instances." This poses additional challenges targeting multiple services since it requires finding and killing all miners in each exploited service.
The research can be found here:
AWS’s Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation
Learn more about your ad choices. Visit megaphone.fm/adchoices
The research states "The AMBERSQUID operation was able to exploit cloud services without triggering the AWS requirement for approval of more resources, as would be the case if they only spammed EC2 instances." This poses additional challenges targeting multiple services since it requires finding and killing all miners in each exploited service.
The research can be found here:
AWS’s Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation
Learn more about your ad choices. Visit megaphone.fm/adchoices
Released:
Oct 21, 2023
Format:
Podcast episode
More Episodes from CyberWire Daily
Double key encryption debate. by CyberWire Daily