Tag: docker
-
Die 10 besten APITools
by
in SecurityNews
Tags: ai, api, application-security, cloud, computing, credentials, cyberattack, data, ddos, docker, github, hacker, hacking, infrastructure, injection, mobile, open-source, programming, risk, service, software, sql, tool, vulnerability, wafMithilfe von APIs können verschiedene Software-Komponenten und -Ressourcen miteinander interagieren. Foto: eamesBot shutterstock.comAnwendungsprogrammierschnittstellen (Application Programming Interfaces, APIs) sind zu einem wichtigen Bestandteil von Netzwerken, Programmen, Anwendungen, Geräten und fast allen anderen Bereichen der Computerlandschaft geworden. Dies gilt insbesondere für das Cloud Computing und das Mobile Computing. Beides könnte in der derzeitigen Form nicht existieren, wenn…
-
Hackers Exploit Docker Remote API Servers To Inject Gafgyt Malware
by
in SecurityNewsAttackers are exploiting publicly exposed Docker Remote API servers to deploy Gafgyt malware by creating a Docker container using a legitimate >>alpine
-
JFrog entdeckt Angriffe auf Docker Hub 3 Millionen Repositories kompromittiert
by
in SecurityNewsDa Docker Hub weiterhin eine entscheidende Rolle im Entwickler-Ökosystem spielt, müssen die Sicherheitspraktiken weiterentwickelt werden, um diese Sch… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-entdeckt-angriffe-auf-docker-hub-3-millionen-repositories-kompromittiert/a37280/
-
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/24/perfctl_malware_strikes_again/
-
Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
by
in SecurityNewsBad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findi… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/cybercriminals-exploiting-docker-api.html
-
TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters
by
in SecurityNewsFirst seen on hackread.com Jump to article: hackread.com/teamtnt-exploits-ips-malware-attack-docker-clusters/
-
Crooks are targeting Docker API servers to deploy SRBMiner
by
in SecurityNewsThreat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances, Trend Micro warns. Trend Micro resear… First seen on securityaffairs.com Jump to article: securityaffairs.com/170144/malware/docker-remote-api-servers-srbminer.html
-
Backup in flüchtigen Umgebungen – Daten in Docker-Containern wiederherstellen
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/-sicherung-wiederherstellung-docker-volumes-a-3fd1c351200664b8c77cee1104fd8e1d/
-
New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
by
in SecurityNewsCybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/new-cryptojacking-attack-targets-docker.html
-
TeamTNT aims to take down cloud-based Docker containers, Kubernetes clusters
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/teamtnt-aims-to-take-down-cloud-based-docker-containers-kubernetes-clusters
-
Docker Desktop Vulnerabilities Let Attackers Execute Remote Code
by
in SecurityNewsDocker has addressed critical vulnerabilities in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities, identified a… First seen on gbhackers.com Jump to article: gbhackers.com/docker-desktop-vulnerabilities/
-
DockerSpy: Search for images on Docker Hub, extract sensitive information
by
in SecurityNewsDockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/11/dockerspy-extract-sensitive-information-docker-hub-images/
-
Docker-OSX image used for security research hit by Apple DMCA takedown
by
in SecurityNewsThe popular Docker-OSX project has been removed from Docker Hub after Apple filed a DMCA (Digital Millennium Copyright Act) takedown request, alleging… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/docker-osx-image-used-for-security-research-hit-by-apple-dmca-takedown/
-
You should probably fix this 5-year-old critical Docker vuln fairly sharpish
by
in SecurityNews
Tags: dockerFirst seen on theregister.com Jump to article: www.theregister.com/2024/07/25/5yo_docker_vulnerability/
-
Alte Sicherheitslücke zur Rechteausweitung wieder aufgetaucht
by
in SecurityNewsEine Schwachstelle in den Autorisierung-Plug-ins hatte Docker 2019 geschlossen. Sie ist aber kurz danach als Regression wieder in die Engine eingeflos… First seen on heise.de Jump to article: www.heise.de/news/Docker-Alte-Sicherheitsluecke-zur-Rechteausweitung-wieder-aufgetaucht-9811582.html
-
Container angreifbar: Docker muss kritische Schwachstelle von 2019 erneut patchen
by
in SecurityNewsDocker hatte die Lücke längst geschlossen. Nur Monate später flog der Patch aber wieder raus. Die Docker Engine ist damit fünf Jahre lang angreifbar g… First seen on golem.de Jump to article: www.golem.de/news/container-angreifbar-docker-muss-kritische-schwachstelle-von-2019-erneut-patchen-2407-187423.html
-
Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
by
in SecurityNewsDocker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/critical-docker-engine-flaw-allows.html
-
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
by
in SecurityNewsA critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially c… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/25/cve-2024-41110/
-
Critical bug in Docker Engine allowed attackers to bypass authorization plugins
by
in SecurityNewsA critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerabili… First seen on securityaffairs.com Jump to article: securityaffairs.com/166160/hacking/docker-engine-critical-flaw.html
-
Docker fixes critical 5-year old authentication bypass flaw
by
in SecurityNewsDocker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to byp… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/docker-fixes-critical-5-year-old-authentication-bypass-flaw/
-
Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018
by
in SecurityNewsThe vulnerability, tagged as CVE-2024-41110 with a CVSS severity score of 10/10, was originally found and fixed in 2018. The post Docker Patches Criti… First seen on securityweek.com Jump to article: www.securityweek.com/docker-patches-critical-authz-plugin-bypass-vulnerability-dating-back-to-2018/
-
Portainer: Open-source Docker and Kubernetes management
by
in SecurityNewsPortainer Community Edition is an open-source, lightweight service delivery platform for containerized applications. It enables the management of Dock… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/01/portainer-open-source-docker-kubernetes-management/
-
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
by
in SecurityNewsCybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocu… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/new-malware-targets-exposed-docker-apis.html
-
Novel malware campaign sets sights on misconfigured Docker APIs
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/novel-malware-campaign-sets-sights-on-misconfigured-docker-apis
-
Cryptojacking campaign targets exposed Docker APIs
by
in SecurityNewsA malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered… First seen on securityaffairs.com Jump to article: securityaffairs.com/164668/cyber-crime/malware-campaign-docker-api-endpoints.html
-
Commando Cat Docker Cryptojacking: Alert Prevention Tips
by
in SecurityNewsRecent reports have unveiled a concerning cyber threat orchestrated by a group identified as Commando Cat. This threat actor has been actively engagin… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/commando-cat-docker-cryptojacking-alert-prevention-tips/
-
Hackers Employing New Techniques To Attack Docker API
by
in SecurityNewsAttackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine hosts by using new binaries chkstart (re… First seen on gbhackers.com Jump to article: gbhackers.com/new-hacking-techniques-docker-api/
-
Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
by
in SecurityNewsThe threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to d… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/commando-cat-cryptojacking-attacks.html
-
‘Commando Cat’ Digs Its Claws into Exposed Docker Containers
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/-commando-cat-digs-its-claws-into-exposed-docker-containers
-
Unsecured Docker servers subjected to ongoing cryptojacking campaign
by
in SecurityNews
Tags: dockerFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/unsecured-docker-servers-subjected-to-ongoing-cryptojacking-campaign