HackDig : Dig high-quality web security articles

How Dockershim’s Forthcoming Deprecation Affects Your Kubernetes

Container orchestration platform Kubernetes announced in December 2020 that its third and final release, Kubernetes v1.20, would deprecate dockershim and subsequently Docker as a container runtime. This deprecation has brought multiple changes that admins must be aware of and accordingly respond to. To best understand these changes and how dockershim
Publish At:2021-07-01 05:56 | Read:294 | Comments:0 | Tags:Cloud Docker kubernetes

[SANS ISC] How Safe Are Your Docker Images?

I published the following diary on isc.sans.edu: “How Safe Are Your Docker Images?”: Today, I don’t know any organization that is not using Docker. For test and development only or for full production systems, containers are deployed everywhere! In the same way, most popular tools today have a “dockerized” version r
Publish At:2021-04-22 07:39 | Read:554 | Comments:0 | Tags:Docker SANS Internet Storm Center Security SANS ISC Tool Vul

Cryptomining containers caught coining cryptocurrency covertly

In traditional software development, programmers code an application in one computing environment before deploying it to a similar, but often slightly different environment. This leads to bugs or errors that only show up when the software is deployed—exactly when you need them least. To solve for this, modern developers often bundle their applications togeth
Publish At:2021-04-09 10:53 | Read:537 | Comments:0 | Tags:Web threats containerization crypto-jacking docker docker hu

30 Docker images downloaded 20M times in cryptojacking attacks

Experts discovered that 30 malicious Docker images with a total number of 20 million pulls were involved in cryptomining operations. Palo Alto Network researcher Aviv Sasson discovered 30 malicious Docker images, which were downloaded 20 million times, that were involved in cryptojacking operations. The expert determined the number of cryptocurrencies
Publish At:2021-03-30 06:34 | Read:738 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking Malware cryptoj

Kubernetes admission controllers in 5 minutes

Admission controllers are a powerful Kubernetes-native feature that helps you define and customize what is allowed to run on your cluster. As watchdogs, they can control what’s going into your cluster. They can manage deployments requesting too many resources, enforce pod security policies, and even block vulnerable images from being deployed.
Publish At:2021-02-18 14:07 | Read:619 | Comments:0 | Tags:AWS Azure Docker Kubernetes OpenShift Sysdig Secure

Exploiting a bug in Azure Functions to escape Docker

An expert disclosed an unpatched vulnerability in Microsoft Azure Functions that could be exploited to escape the Docker container hosting them. Cybersecurity researcher Paul Litvak from Intezer Lab disclosed an unpatched vulnerability in Microsoft Azure Functions that could be exploited by an attacker to escalate privileges and escape the Docker container t
Publish At:2021-02-01 05:30 | Read:839 | Comments:0 | Tags:Breaking News Hacking Azure Docker hacking news information

TeamTNT botnet now steals Docker API and AWS credentials

Researchers from Trend Micro discovered that the TeamTNT botnet is now able to steal Docker API logins along with AWS credentials. Researchers from Trend Micro discovered that the TeamTNT botnet was improved and is now also able to steal Docker credentials. The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 an
Publish At:2021-01-10 07:00 | Read:1008 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware AWS botnet cryptoc

Preventing malicious use of Weave Scope

Intezer and Microsoft reported on Sept. 9 that TeamTNT hackers are deploying Weave Scope in compromised systems as an auxiliary tool in their intrusions. Weave Scope is a legitimate and powerful tool to manage server infrastructure that, once deployed, makes it easy to control all resources. In this article, we will describe how this tool can be used mali
Publish At:2020-12-10 13:13 | Read:786 | Comments:0 | Tags:Docker Falco Kubernetes Sysdig Secure falco Image scanning

Your team is running containers, but are they secure?

Organizations are modernizing IT infrastructure, restructuring teams, and accelerating application delivery with containers and Kubernetes. As with any technology, organizations are at various places within their journey. However, according to Gartner, more than 75% of global organizations will be running containerized apps in production by 2022. Cha
Publish At:2020-12-03 13:25 | Read:892 | Comments:0 | Tags:Docker Kubernetes

A scan of 4 Million Docker images reveals 51% have critical flaws

Security experts analyzed 4 million public Docker container images hosted on Docker Hub and found that half of them had critical flaws. Container security firm Prevasio has analyzed 4 million public Docker container images hosted on Docker Hub and discovered that the majority of them had critical vulnerabilities. The cybersecurity firm used its Prev
Publish At:2020-12-03 06:24 | Read:862 | Comments:0 | Tags:Breaking News Hacking Security Docker Docker Hub hacking new

How to monitor Istio, the Kubernetes service mesh

In this article, we are going to deploy and monitor Istio over a Kubernetes cluster. Istio is a service mesh platform that offers advanced routing, balancing, security, and high availability features, plus Prometheus-style metrics for your services out-of-the-box. What is Istio? Istio is a platform used to interconnect microservices. It provides advance
Publish At:2020-09-30 11:35 | Read:1010 | Comments:0 | Tags:AWS DCOS Docker Google Cloud IBM Cloud Kubernetes OpenShift

TeamTNT is the first cryptomining bot that steals AWS credentials

Security researchers have discovered a new crypto-mining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. The TeamTNT botnet is a crypto-mining malware operation that has been active since A
Publish At:2020-08-18 06:26 | Read:1056 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet Docker Hacking hack

Doki, an undetectable Linux backdoor targets Docker Servers

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. Cybersecurity researchers at Intezer spotted a new completely undetectable Linux malware, dubbed Doki, that exploits undocumented evasion techniques while targeting publicly accessible Docker servers. Th
Publish At:2020-07-29 09:05 | Read:1212 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking Malware botnet

New XORDDoS, Kaiji DDoS botnet variants target Docker servers

Operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online, Trend Micro warns. Trend Micro researchers reported that operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online. XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014 it is
Publish At:2020-06-24 03:35 | Read:1615 | Comments:0 | Tags:Breaking News Hacking Malware botnet Docker hacking news inf

XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers 

Insights and analysis by Augusto Remillano II With additional analysis by Patrick Noel Collado and Karen Ivy Titiwa We have recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers; these are XORDDoS malware (detected by Trend Micro as Backdoor.Linux.XORDDOS.AE) and Kaiji DDoS malware (detected by Trend Micro as
Publish At:2020-06-23 02:01 | Read:1518 | Comments:0 | Tags:Botnets Cloud botnet DDoS Docker Kaiji XORDDoS DDOS
