Malware, Patch/Configuration Management

Apache Hadoop, Flink subjected to attacks

Share

Apache's open-source software utility collection Hadoop and open-source, unified stream-processing, and batch-processing framework Flink are being targeted in new malware attacks that involve packers and rootkits to evade detection, SiliconAngle reports. Apache Hadoop YARN had a misconfiguration within its ResourceManager component exploited to facilitate arbitrary code execution and unauthenticated app creation and execution, a report from Aqua Security showed. Similar techniques have been employed in intrusions against Apache Flink, which involved payload distribution upon obtaining initial access. Aside from ensuring the stealthiness of their operations, threat actors have also utilized numerous MITRE ATT&CK framework strategies, indicating their sophistication. The new attacks pose a significant threat that should prompt the implementation of agent-based runtime solutions among operators of big data, according to researchers. Such systems have been touted to enable improved identification of obfuscated binaries, cryptocurrency miners, and other malicious activities within data containers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.