Security news that informs and inspires

Archive

5 results for tag Docker:

Lemon Duck Botnet Targets Exposed Docker APIs

The prolific botnet, which previously targeted vulnerable Microsoft Exchange servers, is now gaining initial access via exposed Docker APIs.

Docker, Cryptomining, Botnet

Software Supply Chain Woes Afflict DockerHub, Too

Threat analysis firm Prevasio scanned the entire DockerHub and found that 51 percent of all container images had at least one critical vulnerability and 13 percent had at least one high-severity vulnerability. Researchers also identified 6,433 images that were malicious or potentially harmful.

Containers, Docker

Attackers Use Cloud Tool to Target Docker, Kubernetes

An attack group TeamTNT is using Weave Scope, an open source cloud monitoring and control tool to compromise Docker and Kubernetes instances as part of a cryptocurrency mining operation, security company Intezer said.

Cloud, Kubernetes, Docker

Docker Bug Allows Root Access to Host File System

A vulnerability in all versions of the Docker platform can give an attacker full read and write access to the host file system.

Docker

Docker Hub Breach Can Have a Long Reach

Docker revoked tokens linking GitHub and Bitbucket with Docker Hub accounts after discovering "unauthorized access" in its Hub database. Developers should check their code to ensure no unauthorized changes have been made.

Containers, Docker