Matt Muir

@_mattmuir

Cloud Security Researcher

Joined March 2018
@_mattmuir
Matt Muir
1 year
Been away from here recently but I can finally share my first blog for @datadoghq, an updated campaign from the group behind Spinning YARN.
@_mattmuir
Matt Muir
1 year
RT @0xAmit: Fascinating paper about #eBPF based attacks on the cloud: Cross Container Attacks: The Bewildered eBPF on Clouds.
@_mattmuir
Matt Muir
1 year
Latest research from the lab. This is an interesting one! 4 new discovery/initial access tools were found. Each tool contained code to exploit common misconfigurations (and an n-day vulnerability) in either YARN, Docker, Confluence or Redis.
@CadoSecurity
Cado
1 year
Cado Security Labs discover Spinning YARN, an emerging malware campaign using novel Golang payloads to exploit #Docker, Hadoop #YARN, #Confluence and #Redis hosts. Full analysis here: #cloudsecurity #cloudforensics #cloudIR #threatintel #spinningYARN.
@_mattmuir
Matt Muir
1 year
Our latest blog covering #Migo - a Golang miner targeting Redis. This one attempts to weaken the Redis server by issuing various config commands, before deploying a user mode rootkit to hide the miner.
@_mattmuir
Matt Muir
1 year
🐈 Here’s a new blog from us covering a novel attack named “Commando Cat” 🐈. The fun never stops with these Docker-focused campaigns!
@_mattmuir
Matt Muir
1 year
Thanks to everyone that attended/tuned-in to my talk for @SANSInstitute today! There have been some requests for me to upload the slides, so here they are.
@_mattmuir
Matt Muir
1 year
RT @chrisdoman: If you're at the SANS CTI summit today - check out @_mattmuir's talk "Beyond Cryptojacking: Studying Contemporary Malware…
@_mattmuir
Matt Muir
1 year
Great research by our talented colleague Nate!
@CadoSecurity
Cado
1 year
Cado Security Labs researchers discover #novel #malware campaign that deploys the #9hits application as a #payload. 🔎 Full analysis here: #cloudsecurity #cloudforensics #cloudIR #threatresearch #threatintelligence #cloudincidentresponse.
@_mattmuir
Matt Muir
1 year
Legion-specific activity includes the creation of a malicious IAM user with the name ms.boharas in AWS environments.
@_mattmuir
Matt Muir
1 year
CISA have today released an advisory on Androxgh0st. This cloud-focused malware is closely related to Legion and Fbot.
@_mattmuir
Matt Muir
2 years
Continuing to follow this Rust botnet! A new #p2pinfect sample targeting MIPS.
@CadoSecurity
Cado
2 years
New discovery by Cado Security Labs. A new #P2Pinfect variant demonstrating increased targeting of Microprocessor without Interlocked Pipelined Stages (MIPS) including routers and IoT. Full analysis here: #threatintelligence #threatresearch #cloudsecurity.
@_mattmuir
Matt Muir
2 years
Latest blog from us :D OracleIV - a dockerised DDoS botnet.