CloudGuard Toxic Combinations Updates

February 04, 2025

| Rule ID | Rule Name | Description | Severity | Platform |
|---|---|---|---|---|
| CGN-SecurityGraph-116 | A virtual machine having high privileges and access to a sensitive database has communicated with a malicious IP | This highly privileged virtual machine (VM) has communicated with a malicious IP address while having access to a database containing sensitive data. This combination creates a critical security risk that demands immediate action to prevent a data breach. | critical | aws |
| CGN-SecurityGraph-119 | Publicly exposed virtual machine with critical vulnerability and high privileges has access to sensitive database | This publicly exposed virtual machine has a critical vulnerability and high privileges, granting access to a sensitive database. The combination of external accessibility and elevated privileges makes it a prime target for exploitation, potentially leading to unauthorized access to sensitive data. Immediate action is needed to mitigate the risk of a data breach. | critical | aws |
| CGN-SecurityGraph-120 | Critical severity malware was detected on a virtual machine with sensitive database access | This virtual machine (VM) is infected with critical malware and has access to a sensitive database. Malware associated with such a hacking tool, or suite of tools, is known to have a highly adverse impact. This combination poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach. | high | aws |
| CGN-SecurityGraph-121 | A virtual machine with a highly privileged IAM role and third-party access is vulnerable to a critical CVE | This virtual machine (VM) with a high-privilege IAM role and a critical CVE can be exploited for unauthorized cloud access. Third-party access increases the risk of credential theft and service disruption. Attackers may escalate privileges, exfiltrate data, or move laterally. | critical | aws, azure |
| CGN-SecurityGraph-122 | A virtual machine (VM) with high permissions is detected with suspicious CNC communication | This virtual machine has elevated permissions, making it a high-value target for attackers. It is also suspected of communicating with a malicious Command and Control (CNC) server, which could lead to data exfiltration, privilege escalation, or malware deployment. | critical | aws, azure |

January 28, 2025

| Rule ID | Rule Name | Description | Severity | Platform |
|---|---|---|---|---|
| CGN-SecurityGraph-103 | Virtual Machine infected with cryptomining malware | This virtual machine (VM) is infected with cryptomining malware. This poses a significant security risk; it is crucial to address and fix this issue promptly to prevent potential performance degradation and a data breach. | medium | aws, azure |
| CGN-SecurityGraph-104 | Function infected with cryptomining malware | A function was detected that has been infected with cryptomining malware. This is a risk that should be addressed immediately. | medium | aws, azure |
| CGN-SecurityGraph-114 | Function infected with a virus | This serverless function is infected with a virus. This finding poses a significant security risk; it is crucial to address and fix this issue promptly to prevent a potential data breach. | medium | azure |
| CGN-SecurityGraph-117 | A Virtual Machine with access to a database containing sensitive data has communicated with a malicious IP | This virtual machine (VM) has communicated with a malicious IP while having access to a sensitive database, creating a critical security risk that demands immediate action to prevent a data breach. | critical | aws |
| CGN-SecurityGraph-118 | Virtual Machine with suspected CNC communication and access to sensitive database | This virtual machine was detected communicating with a Command and Control (CNC) server, indicating potential unauthorized access or malware activity. The machine has access to a database containing sensitive data, making it a high-value target for attackers. If CNC communication was detected, it could mean that data was exfiltrated or that further compromise of the system is ongoing. Immediate action is required to investigate and mitigate this threat to prevent potential data breaches and ensure the security of sensitive information. | critical | aws |

January 22, 2025

| Rule ID | Rule Name | Description | Severity | Platform |
|---|---|---|---|---|
| CGN-SecurityGraph-112 | VM infected with infostealer | This virtual machine (VM) is infected with an infostealer, i.e. information-stealing malware. This finding poses a risk that should be addressed immediately. | high | aws, azure |
| CGN-SecurityGraph-113 | VM infected with a virus | This virtual machine (VM) is infected with a virus. This finding poses a risk that should be addressed immediately. | high | aws, azure |
| CGN-SecurityGraph-109 | Function with CVE can connect to Database with sensitive data | This serverless function has an exploitable CVE and can connect to a database with sensitive data, resulting in a potential severe data compromise. | critical | aws |
| CGN-SecurityGraph-110 | Workload with CVE can connect to Database with sensitive data | This container workload has an exploitable CVE and can connect to a database with sensitive data, resulting in a potential severe data compromise. | critical | aws |
| CGN-SecurityGraph-111 | Serverless function infected with infostealer | This serverless function is infected with an infostealer, i.e. information-stealing malware. This finding poses a risk that should be addressed immediately. | high | azure |

January 15, 2025

| Rule ID | Rule Name | Description | Severity | Platform |
|---|---|---|---|---|
| CGN-SecurityGraph-102 | VM with CVE can connect to Database with sensitive data | This VM has an exploitable CVE and can connect to a database with sensitive data, resulting in a potential severe data compromise. | critical | aws |
| CGN-SecurityGraph-105 | Serverless function critically infected with a hacking tool | This serverless function is infected with a hacking tool. This finding poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach. | high | azure |
| CGN-SecurityGraph-106 | VM critically infected with a hacking tool | This virtual machine (VM) is infected with a hacking tool. This finding poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach. | high | aws, azure |
| CGN-SecurityGraph-107 | Serverless function infected with critical ransomware | This serverless function is infected with ransomware. This finding poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach. | critical | azure |
| CGN-SecurityGraph-108 | VM infected with critical ransomware | This virtual machine (VM) is infected with ransomware. This finding poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach. | critical | aws, azure |
