Cloud workloads subjected to new Python-based fileless malware

Attacks using the new PyLoose malware have targeted cloud workloads, marking the first documented Python-based fileless attack, reports SiliconAngle. The intrusions, first identified on June 22, exploited a publicly exposed Jupyter Notebook service for initial access and then used the Linux memfd fileless technique to load an XMRig Miner directly into memory, a Wiz report showed. Researchers noted that the attacks, which are believed to be conducted by a sophisticated threat actor, could be averted by implementing multi-factor authentication and other strong authentication methods, and by avoiding publicly exposed services. "These attacks serve as a reminder that organizations should have a security posture solution in place to help security teams eliminate toxic risk combinations, in addition to a runtime protection solution that quickly detects and responds to breaches," said researchers.
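A defender-side check for the memfd technique described above, added here as an example and not taken from the Wiz report or SiliconAngle: it flags processes whose executable, or whose executable memory mappings, are backed by a memfd file, using the `/memfd:<name> (deleted)` path form the Linux kernel shows under `/proc`. The sample maps lines and the name `demo` are constructed for illustration.

```python
import os
import re

# The kernel renders a memfd-backed path as "/memfd:<name> (deleted)".
MEMFD_RE = re.compile(r"^/memfd:(?P<name>.*?)(?: \(deleted\))?$")

def memfd_name(path):
    """Return the memfd name if path is memfd-backed (may be ""), else None."""
    m = MEMFD_RE.match(path)
    return m.group("name") if m else None

def executable_memfd_maps(maps_text):
    """Names of memfd regions mapped executable in /proc/<pid>/maps content."""
    hits = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # addr perms offset dev inode path
        if len(fields) == 6 and "x" in fields[1]:
            name = memfd_name(fields[5].strip())
            if name is not None:
                hits.add(name)
    return sorted(hits)

def scan_proc(proc="/proc"):
    """Yield (pid, reason, name) for live processes running from a memfd."""
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            exe = os.readlink(f"{proc}/{pid}/exe")
            with open(f"{proc}/{pid}/maps") as fh:
                maps_text = fh.read()
        except OSError:
            continue  # kernel thread, exited process, or no permission
        name = memfd_name(exe)
        if name is not None:
            yield pid, "exe", name  # process image itself lives in a memfd
        for name in executable_memfd_maps(maps_text):
            yield pid, "map", name  # code mapped from a memfd

# Constructed sample of /proc/<pid>/maps lines (not from the report).
SAMPLE_MAPS = """\
55d0c0a00000-55d0c0a01000 r-xp 00000000 00:01 2049    /memfd:demo (deleted)
7f2b1c000000-7f2b1c021000 rw-p 00000000 00:01 2050    /memfd:cache (deleted)
7f2b1d000000-7f2b1d1c0000 r-xp 00000000 08:01 131     /usr/lib/x86_64-linux-gnu/libc.so.6
"""

if __name__ == "__main__":
    for hit in scan_proc():
        print(*hit)
```

Run it as root to see every process. JIT compilers and some sandboxed runtimes also map memfd regions as executable, so hits are leads to triage, not verdicts.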
