Contain yourself, Docker: Race-condition bug puts host machines at risk… sometimes, ish

Tricky to exploit in the real world, which is good because no official fix is available yet. A vulnerability in all versions of Docker can be potentially exploited by miscreants to escape containers’ security protections, and read and write data on host machines, possibly leading to code execution.… The Register – Security

Nginx nJS will need patches, hotels exposed via security systems, Docker containers dinged, and more

Another week of security mishaps is in the books. Roundup: Here’s a quick summary of news in the world of information security beyond everything we’ve already covered.… The Register – Security

How Veracode Scans Docker Containers for Open Source Vulnerabilities

Veracode Software Composition Analysis now also scans Docker containers and images to find vulnerabilities associated with open source libraries as dependencies of the base OS image and globally installed packages. If you’re interested in understanding how containers work, the different components that make up your container ecosystem, and how that differs from virtualization, we recommend […]

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA). Threat actors are actively scanning the Internet for exposed […]

Docker Hub Database Breached, As Many As 190,000 Accounts Affected

Docker, a company that created an open platform for building and running distributed applications, reported to users that its Docker Hub database had been breached, exposing sensitive data from approximately 190,000 accounts. While that figure makes up less than five percent of Hub users, the data included some usernames and hashed passwords as well as […]
