HackDig : Dig high-quality web security articles for hackers

New XORDDoS, Kaiji DDoS botnet variants target Docker servers

Operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online, Trend Micro warns. Trend Micro researchers reported that operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online. XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014 it is
Publish At:2020-06-24 03:35 | Read:172 | Comments:0 | Tags:Breaking News Hacking Malware botnet Docker hacking news inf

XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers 

Insights and analysis by Augusto Remillano II With additional analysis by Patrick Noel Collado and Karen Ivy Titiwa We have recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers; these are XORDDoS malware (detected by Trend Micro as Backdoor.Linux.XORDDOS.AE) and Kaiji DDoS malware (detected by Trend Micro as
Publish At:2020-06-23 02:01 | Read:82 | Comments:0 | Tags:Botnets Cloud botnet DDoS Docker Kaiji XORDDoS DDOS

Experts found a Privilege escalation issue in Docker Desktop for Windows

A severe privilege escalation vulnerability, tracked as CVE-2020-11492, has been addressed in the Windows Docker Desktop Service.  Cybersecurity researchers from Pen Test Partners publicly disclosed a privilege escalation vulnerability in the Windows Docker Desktop Service.  The CVE-2020-11492 issue affects the way the service uses named pipes when com
Publish At:2020-05-24 12:16 | Read:238 | Comments:0 | Tags:Breaking News Hacking Docker information security news it se

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. Then the attackers break into
Publish At:2020-04-06 17:16 | Read:663 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cryptocurrency min

Misconfigured Docker API Ports Targeted by Kinsing Malware

Security researchers observed an attack campaign that targeted misconfigured Docker API ports with samples of Kinsing malware.According to Aqua Security, the campaign began when it capitalized on an unprotected Docker API port to run a Ubuntu container.The command used for creating the Ubuntu container included a shell script “d.sh.” By means of
Publish At:2020-04-06 16:53 | Read:637 | Comments:0 | Tags:Cloud Latest Security News Docker Kinsing malware

Understanding Kubernetes pod evicted and scheduling problems

Pod evicted and scheduling problems are side effects of Kubernetes limits and requests, usually caused by a lack of planning. Beginners tend to think limits are optional, and merely an obstacle for your stuff to run. Why should I set a limit if I can have no limits? I may need all CPU eventually. With this way of thinking Kubernetes wouldn’t hav
Publish At:2020-01-23 23:50 | Read:499 | Comments:0 | Tags:Docker Kubernetes OpenShift Sysdig Monitor

Image Scanning with Github Actions

In this blog post, you will learn how to setup image scanning with Github Actions using Sysdig Secure DevOps Platform. We will create a basic workflow to perform a local scan to detect vulnerabilities and bad practices before the image is pushed to any registry. We will also customize scanning policies to stop the build according to a set of defined rules.
Publish At:2020-01-14 23:50 | Read:600 | Comments:0 | Tags:Sysdig Secure Docker Github Github Actions Kubernetes

Why Running a Privileged Container in Docker Is a Bad Idea

By David Fiser and Alfredo Oliveira Privileged containers in Docker are, concisely put, containers that have all of the root capabilities of a host machine, allowing the ability to access resources which are not accessible in ordinary containers. One use case of a privileged container is running a Docker daemon inside a Docker container; another is where the
Publish At:2019-12-20 14:35 | Read:1873 | Comments:0 | Tags:Cloud Container Security Docker Privileged Container

TROOPERS20 Training Teaser: Swim with the whales – Docker, DevOps & Security in Enterprise Environments

Containerization dominates the market nowadays. Fancy buzzwords like continuous integration/deployment/delivery, microservices, containers, DevOps are floating around, but what do they mean? What benefits do they offer compared to the old dogmas? You’re gonna find out in our training! We are going to start with the basics of Docker, Containers and DevO
Publish At:2019-12-02 05:15 | Read:1294 | Comments:0 | Tags:Misc DevOps Docker K8 kubernetes TROOPERS TROOPERS20

Graboid Cryptojacking Worm Has Struck Over 2K Unsecured Docker Hosts

Researchers discovered a new cryptojacking worm called “Graboid” that has spread to more than 2,000 unsecured Docker hosts.In its research, Palo Alto Networks’ Unit 42 team noted that it’s the first time it’s discovered a cryptojacking worm specifically using containers in the Docker Engine for distribution. (It’s not the
Publish At:2019-10-18 10:10 | Read:1088 | Comments:0 | Tags:IT Security and Data Protection Latest Security News cryptoj

“TorWitness” Docker Container: Automated (Tor) Websites Screenshots

The idea of this Docker container came after reading the excellent Micah Hoffman’s blog post: Dark Web Report + TorGhost + EyeWitness == Goodness. Like Micah, I’m also receiving a daily file with new websites discovered on the (dark|deep) web (name it as you prefer). This service is provided by @hunchly Twitter account. Once a day, you get an XLS
Publish At:2017-10-25 15:50 | Read:4214 | Comments:0 | Tags:Docker Software Tor Website

[SANS ISC] The easy way to analyze huge amounts of PCAP data

I published the following diary on isc.sans.org: “The easy way to analyze huge amounts of PCAP data“. When you are investigating a security incident, there are chances that, at a certain point, you will have to dive into network traffic analysis. If you’re lucky, you’ll have access to a network capture. Approximatively one year ago, I wrote a qui
Publish At:2017-09-28 08:00 | Read:3338 | Comments:0 | Tags:Docker SANS Internet Storm Center Security Moloch network pc

Docker Enterprise Edition Now on G-Cloud 9 Framework

  Docker Enterprise Edition (EE) has been accepted to G-Cloud 9, further exemplifying Docker’s commitment to delivering tools for application modernization and innovation across the UK public sector. G-Cloud 9 is the UK government’s latest framework that is designed to simplify and accelerate adoption of cloud-based services within the public sector. The inc
Publish At:2017-06-06 08:45 | Read:4195 | Comments:0 | Tags:Docker Orchestration Partners Releases Security docker Docke

Get all the Docker talks from Tech Field Day 12

As 2016 comes to a close, we are excited to have participated in a few of the Tech Field Day and inaugural Cloud Field Day events to share the Docker technology with the IT leaders and evangelists that Stephen Foskett and Tom Hollingsworth have cultivated into this fantastic group.  The final event was Tech Field Day 12 hosting in Silicon Valley. In case you
Publish At:2017-05-24 19:06 | Read:3898 | Comments:0 | Tags:Docker Education Engine Events Networking Security docker fo

Tips for Troubleshooting Apps in Production with Docker Datacenter

If you have been using Docker for some time, after the initial phases of building Dockerfiles and running a container here and there, the real work begins in building, deploying and operating multi-container applications in a production environment.  Are you operationally ready to take your application to production? Docker Datacenter provides an integrated
Publish At:2017-05-24 19:06 | Read:4833 | Comments:0 | Tags:Docker Engine Orchestration Security docker datacenter docke

Announce

Share high-quality web security related articles with you:)

Tools