Tag: container

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

Oct 8, 2024 12:06 PM

by

Andy Stern

in SecurityNews

Tags: access, container, exploit, flaw, nvidia, threat, vulnerability

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/critical-nvidia-container-toolkit.html
NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Oct 4, 2024 9:37 AM

by

Andy Stern

in SecurityNews

Tags: ai, container, nvidia, risk, vulnerability

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nvidia-ai-toolkit-vulnerability/
Critical NVIDIA Container Toolkit bug has widespread impact

Oct 2, 2024 9:36 PM

by

Andy Stern

in SecurityNews

Tags: container, nvidia

First seen on scworld.com Jump to article: www.scworld.com/brief/critical-nvidia-container-toolkit-bug-has-widespread-impact
Critical NVIDIA Container Toolkit flaw could allow access to the underlying host

Oct 2, 2024 3:36 PM

by

Andy Stern

in SecurityNews

Tags: access, container, flaw, nvidia, vulnerability

A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host. Critical vulne… First seen on securityaffairs.com Jump to article: securityaffairs.com/169090/uncategorized/nvidia-container-toolkit-critical-flaw.html
Critical flaw in NVIDIA Container Toolkit allows full host takeover

Oct 1, 2024 5:36 PM

by

Andy Stern

in SecurityNews

Tags: access, ai, cloud, container, flaw, nvidia, vulnerability

A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU re… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-flaw-in-nvidia-container-toolkit-allows-full-host-takeover/
Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover

Sep 27, 2024 2:36 PM

by

Andy Stern

in SecurityNews

Tags: ai, cloud, container, cvss, data, flaw, nvidia, risk, service

Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10. The post C… First seen on securityweek.com Jump to article: www.securityweek.com/critical-nvidia-container-flaw-exposes-cloud-ai-systems-to-host-takeover/
USENIX NSDI ’24 Towards Intelligent Automobile Cockpit via A New Container Architecture

Sep 24, 2024 2:11 PM

by

Andy Stern

in SecurityNews

Tags: container

Authors/Presenters:Lin Jiang, Feiyu Zhang, Jiang Ming Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/usenix-nsdi-24-towards-intelligent-automobile-cockpit-via-a-new-container-architecture/
Kubernetes Container Isolation Startup Edera Raises $5 Million

Sep 23, 2024 3:11 PM

by

Andy Stern

in SecurityNews

Tags: ai, container, kubernetes, startup

Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads. The post Kubernetes Container Isolati… First seen on securityweek.com Jump to article: www.securityweek.com/kubernetes-container-isolation-startup-edera-raises-5-million/
TeamTNT aims to take down cloud-based Docker containers, Kubernetes clusters

Sep 21, 2024 9:29 PM

by

Andy Stern

in SecurityNews

Tags: cloud, container, docker, kubernetes

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/teamtnt-aims-to-take-down-cloud-based-docker-containers-kubernetes-clusters
USENIX Security ’23 Attacks are Forwarded: Breaking the Isolation of MicroVM-Based Containers Through Operation Forwarding

Sep 16, 2024 11:29 PM

by

Andy Stern

in SecurityNews

Tags: attack, container

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/usenix-security-23-attacks-are-forwarded-breaking-the-isolation-of-microvm-based-containers-through-operation-forwarding/
Vulnerabilities in IBM Products Let Attackers Exploit Launch DOS Attack

Sep 10, 2024 3:36 PM

by

Andy Stern

in SecurityNews

Tags: attack, container, dos, exploit, ibm, vulnerability

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and Queue Manager container images. These vulnerabilities, i… First seen on gbhackers.com Jump to article: gbhackers.com/ibm-container-vulnerabilities/
privacyIDEA 3.10: Neue Container-Verwaltung und Offline WebAuthn-Support

Sep 10, 2024 10:37 AM

by

Andy Stern

in SecurityNews

Tags: authentication, container, mfa

Die quelloffene Multi-Faktor-Authentifizierung bietet neue Funktionsweisen wie Token-Container, Offline-WebAuthn und ein erweitertes Push-Token-Verfah… First seen on heise.de Jump to article: www.heise.de/news/privacyIDEA-3-10-Neue-Container-Verwaltung-und-Offline-WebAuthn-Support-9860743.html
IBM App Connect verwundbar – Schwachstellen-Risiko in IBM App Connect Enterprise Certified Container

Aug 29, 2024 2:35 PM

by

Andy Stern

in SecurityNews

Tags: container, ibm, risk, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/ibm-sicherheitsluecken-app-connect-enterprise-a-ce69b6a0f1f4f2ad6fb670275907628e/
CheckmarxSecurity gibt Aufschluss in Echtzeit darüber, ob bösartige Pakete aktiv in laufenden Containern verwendet werden

Aug 26, 2024 2:05 PM

by

Andy Stern

in SecurityNews

Tags: container

Anwendungen inmitten immer komplexerer Bedrohungslandschaften schneller auszurollen, wird für Unternehmen zunehmend zur Herausforderung. Vor diesem Hi… First seen on netzpalaver.de Jump to article: netzpalaver.de/2024/08/15/checkmarx-container-security-gibt-aufschluss-in-echtzeit-darueber-ob-boesartige-pakete-aktiv-in-laufenden-containern-verwendet-werden/
(g+) Container-Security: Werkzeuge für Schwachstellentests mit Containern

Aug 25, 2024 7:08 AM

by

Andy Stern

in SecurityNews

Tags: container

First seen on golem.de Jump to article: www.golem.de/news/container-security-werkzeuge-fuer-schwachstellentests-mit-containern-2408-187936.html
Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom

Aug 19, 2024 11:01 AM

by

Andy Stern

in SecurityNews

Tags: breach, cloud, container, cybercrime, data, ransom, risk

Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/15/exposed-environment-files-data-theft/
Sicherheitsrisiko Container Sicherheit muss in den Fokus

Aug 16, 2024 12:04 PM

by

Andy Stern

in SecurityNews

Tags: container, kubernetes

First seen on security-insider.de Jump to article: www.security-insider.de/cloud-native-technologie-kubernetes-sicherheit-a-49583b3b2a159679a63c9d0727e28378/
Addressing Tomcat Vulnerabilities in EndLife Ubuntu Systems

Aug 12, 2024 8:36 PM

by

Andy Stern

in SecurityNews

Tags: apache, container, open-source, software, vulnerability

Apache Tomcat is a widely used open-source web server and servlet container, but like any software, it is not immune to vulnerabilities. Canonical has… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/addressing-tomcat-vulnerabilities-in-end-of-life-ubuntu-systems/
Container angreifbar: Docker muss kritische Schwachstelle von 2019 erneut patchen

Aug 5, 2024 7:38 AM

by

Andy Stern

in SecurityNews

Tags: container, docker, update, vulnerability

Docker hatte die Lücke längst geschlossen. Nur Monate später flog der Patch aber wieder raus. Die Docker Engine ist damit fünf Jahre lang angreifbar g… First seen on golem.de Jump to article: www.golem.de/news/container-angreifbar-docker-muss-kritische-schwachstelle-von-2019-erneut-patchen-2407-187423.html
Grype: Open-source vulnerability scanner for container images, filesystems

Jul 19, 2024 5:56 PM

by

Andy Stern

in SecurityNews

Tags: container, open-source, software, vulnerability

Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/18/grype-open-source-vulnerability-scanner-container-images-filesystems/
Securing Kubernetes: The Risks Of Unmanaged Machine Identities

Jul 10, 2024 7:08 PM

by

Andy Stern

in SecurityNews

Tags: container, kubernetes, risk

Microservices and containers are changing the way businesses build, deploy, and manage their applications. Within a short span, these technologies hav… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/securing-kubernetes-the-risks-of-unmanaged-machine-identities/
Securing Supply Chains After Baltimore

Jul 4, 2024 3:47 PM

by

Andy Stern

in SecurityNews

Tags: container, supply-chain

In March, a container ship leaving the Helen Delich Bentley Port of Baltimore struck a support piling holding up the Francis Scott Key Bridge, knockin… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/securing-supply-chains-after-baltimore/
USENIX Security ’23 Uncontained: Uncovering Container Confusion in the Linux Kernel

Jun 24, 2024 2:42 AM

by

Andy Stern

in SecurityNews

Tags: container, linux

Authors/Presenters: Jakob Koschel, Pietro Borrello, Daniele Cono D’Elia, Herbert Bos. Cristiano Giuffrida Many thanks to Presenters: Jakob Kos… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/usenix-security-23-uncontained-uncovering-container-confusion-in-the-linux-kernel/
Schwachstelle in IBM App Connect Enterprise Certified Container – CVSS 9.8 IBM schließt kritische Sicherheitslücke

Jun 21, 2024 6:43 AM

by

Andy Stern

in SecurityNews

Tags: bug, container, cvss, ibm, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/ibm-app-connect-enterprise-certified-container-schwachstelle-cve-2024-29651-a-b0ea419abca0ffae816e963d608a9298/
Kritische DoS-Lücke bedroht IBM App Connect Enterprise Certified Container

Jun 17, 2024 10:17 AM

by

Andy Stern

in SecurityNews

Tags: container, dos, ibm

First seen on heise.de Jump to article: www.heise.de/news/Kritische-DoS-Luecke-bedroht-IBM-App-Connect-Enterprise-Certified-Container-9750023.html
‘Commando Cat’ Digs Its Claws into Exposed Docker Containers

Jun 14, 2024 3:24 PM

by

Andy Stern

in SecurityNews

Tags: container, data-breach, docker

First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/-commando-cat-digs-its-claws-into-exposed-docker-containers
Container Security

Jun 3, 2024 5:02 PM

by

Andy Stern

in SecurityNews

Tags: container

First seen on tldrsec.com Jump to article: tldrsec.com/p/blog-container-security
The Evolution of Security in Containerized Environments

May 31, 2024 8:04 PM

by

Andy Stern

in SecurityNews

Tags: container

In recent years, containers have become a staple in modern IT infrastructures. They provide extreme flexibility and efficiency in deploying applicatio… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/the-evolution-of-security-in-containerized-environments/
Simplify Certificate Lifecycle Management And Build Security Into OpenShift Kubernetes Engine With AppViewX KUBE+

May 14, 2024 10:19 PM

by

Andy Stern

in SecurityNews

Tags: container, kubernetes, open-source

Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. Bu… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/simplify-certificate-lifecycle-management-and-build-security-into-openshift-kubernetes-engine-with-appviewx-kube/
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years

May 13, 2024 12:19 PM

by

Andy Stern

in SecurityNews

Tags: container, cybersecurity, docker, malicious

Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious imageless containers over the past… First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/millions-of-malicious-imageless.html