#wrapper *:not(#noScriptAlert) { opacity: 0.75; } #noScriptAlert { display: block; }

Please turn on your JavaScript for this page to function normally.

Help Net Security

May 24, 2023

Legion AWS credential harvester and hijacker analyzed

Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of its predecessor, with a continued emphasis on exploiting PHP web applications.

In this Help Net Security video, Matt Muir, Threat Intelligence Researcher at Cado Security, overviews Legion’s cloud-specific functionality.

More about

AWS
Cado Security
credentials
cybercrime
malware
video

Don't miss

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
The rising influence of AI on the 2024 US election
10 colleges and universities shaping the future of cybersecurity education
What is multi-factor authentication (MFA), and why is it important?
MITRE breached by nation-state threat actor via Ivanti zero-days

Legion AWS credential harvester and hijacker analyzed

Featured news

Sponsored

Don't miss