docker
-
Don’t Let Vulnerabilities Sink Your Docker Containers: Fixing stdlib 1.18.2 in PostgreSQLWhen I encountered a mini-project that required a quick PostgreSQL implementation with an emphasis on speed, efficiency, and security, Docker emerged as the ideal solution. The urgency of the project demanded a rapid development approach, making Docker’s containerization capabilities particularly valuable.fix vulnerability stdlib 1.18.2Using Docker…
-
Learn Docker Commands Today and Deploy TomorrowHello Connections! 😃Welcome back to my blog. I’m Malarvizhi, a Cybersecurity Professional with a strong passion for DevSecOps and web application security. In my last blog we talked about the role of docker between DevOps and DevSecOps. Today, let’s explore key Docker concepts and commands. By the end of this…
-
Hey there, Docker enthusiasts! 🐳 Lets dive into the world of Docker security.. Containers are awesome, but securing them is crucial to…Continue reading on InfoSec Write-ups »
-
========================================================================== Ubuntu Security Notice USN-7161-1 December 16, 2024 Docker vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: – Ubuntu 24.10 – Ubuntu 24.04 LTS – Ubuntu 18.04 LTS Summary: Several security issues were fixed in Docker. Software Description: – docker.io-app: Linux container runtime – docker.io: Linux container runtime Details: Yair…
-
Releases Packages Details Yair Zak discovered that Docker could unexpectedly forward DNS requestsfrom internal networks in an unexpected manner. An attacker could possiblyuse this issue to exfiltrate data by encoding information in DNS queriesto controlled nameservers. This issue was only addressed inUbuntu 24.04 LTS. (CVE-2024-29018)
-
* bsc#1217070 * bsc#1228324 * bsc#1228553 * bsc#1229806
-
A recent surge in cryptojacking campaigns has targeted unsecured Docker and Kubernetes environments, exploiting misconfigurations to gain unauthorized access. These attacks leverage open API endpoints in Docker hosts, allowing threat actors to deploy malicious containers designed for cryptocurrency mining, specifically Monero. The campaign primarily targets high-performance cloud infrastructures, draining system resources and leading to significant…
-
services: controller1:image: apache/kafka:latestdeploy:replicas: 1environment:KAFKA_NODE_ID: 1KAFKA_PROCESS_ROLES: controllerKAFKA_LISTENERS: CONTROLLER://0.0.0.0:9093KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:SASL_PLAINTEXT,INTERNAL:SASL_SSL,OUTSIDE:SASL_SSLKAFKA_CONTROLLER_QUORUM_VOTERS: 1@controller1:9093,2@controller2:9093,3@controller3:9093KAFKA_CONTROLLER_LISTENER_NAMES: CONTROLLERKAFKA_INTER_BROKER_LISTENER_NAME: INTERNALKAFKA_LOG_DIR: /var/lib/kafka/data
-
The Gafgyt malware (often referred to as Bashlite or Lizkebab) has expanded its attack scope by targeting publicly exposed Docker Remote API servers.
-
Trend Micro Research has revealed a significant evolution in the behavior of the Gafgyt malware (also known as Bashlite or Lizkebab), which is now targeting misconfigured Docker Remote API servers. This marks a shift from Gafgyt’s traditional focus on vulnerable IoT devices.
-
WebAssembly Won’t Replace Docker Anytime Soon: Docker CTO – The New Stack
-
TeamTNT has recently emerged at the forefront of the ever-evolving threat landscape by devising novel exploits assaulting Docker clusters. Their Docker Gatling Gun campaign has targeted 16 million IP addresses worldwide and attacked Docker clusters globally.
-
TeamTNT’s “Docker Gatling Gun” Campaign Targets Exposed Cloud Environments with New Sliver Malware
·
A new report from Aqua Nautilus, led by Assaf Morag, Director of Threat Intelligence, has revealed a large-scale campaign by the notorious hacking group TeamTNT, known as the “Docker Gatling Gun.” TeamTNT, which previously abandoned some of its attack strategies, has returned with a renewed focus on exposed Docker environments, leveraging them to deploy cryptominers,…
-
Hackers are exploiting unprotected Docker remote API servers to deploy malware, with researchers stating the threat has reached a “critical level” and warning organizations to act now.
-
Crooks are targeting Docker API servers to deploy SRBMiner
-
Cybercriminals are increasingly targeting exposed Docker Remote API servers to deploy the perfctl malware, posing significant threats to organizations relying on containerized environments.
-
A newly discovered cyberattack campaign has been targeting exposed Docker Remote API servers to deploy the perfctl malware, a malicious software designed to infiltrate and compromise systems by exploiting the Docker environment. The recent report from Trend Micro sheds light on how attackers are probing vulnerable Docker servers, deploying containers, and executing harmful payloads to…
-
Attackers Target Exposed Docker Remote API Servers With perfctl Malware | Trend Micro (US)
-
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor.