As originally reported by ZDNet, TeamTNT is a hacking crew most recently tied to a cryptocurrency-mining botnet able to steal Amazon Web Services (AWS) credentials from servers. Recently, the group has begun using Weave Scope, an open source visualization and monitoring tool, as a backdoor. The software permits administrators to run shells in container clusters as root and does not require authentication by default, making it a prime target for threat actors. Additionally, it allows TeamTNT to map any Docker system that has been compromised.