New #Linux #malware geared toward #embedded targets: #kmsdbot - https://www.akamai.com/blog/security-research/kmdsbot-the-attack-and-mine-malware
Here's the cool thing: if you are using https://github.com/chainguard-dev/osquery-defense-kit, you can already detect an attack without any updates. At a minimum, the following alerts should fire:
- unexpected-dev-entries
- unexpected-dev-executables
- unexpected-exec-dir
- sketchy-fetchers
- unexpected-executable-permissions
- unexpected-talkers