malware
JFrog Reveals Docker Hub Compromise Spanning Millions of Repositories
Malware attacks against millions of Docker Hub repositories have been underway since 2021. Assume all the content you host on a publicly accessible repository might be compromised ...
Cado Security Labs Exposes Commando Cat Container Malware Campaign
Cado Security Labs today disclosed it has discovered a malware campaign, dubbed “Commando Cat,” that targets Docker API endpoints ...
Cado Security Labs Identifies Campaign to Compromise Docker Hosts
Cado Security identified an ongoing effort to abuse Docker containers using a 9hits service to create fraudulent web traffic ...
Deepfence Expands Scope of Open Source Container Security Platform
Deepfence today announced it has updated its open source ThreatMapper project to add expanded visualizations of attack paths and a scanner based on the YARA tool many security researchers use to identify ...
Lacework Labs Finds Backdoors in Container Images
Cloud security platform provider Lacework this week published a report that reveals cybercriminals are now creating backdoors in legitimate container images. Lacework Labs reports it has discovered that a threat actor, dubbed ...
Report: Docker Hub Container Vulnerabilities High
Prevasio, a provider of a cloud service for scanning container images, this week released a report based on a scan of 4 million public container images found in Docker Hub that concludes ...
Protecting Containers Against ‘Doki’ Malware
Security researchers at Intezer recently alerted the enterprise security community about Doki, a new and substantial malware targeting public Docker environments. Downloaded and installed via a Linux backdoor, Doki uses Dyn’s DynDNS ...
Docker Hub Distributing Cryptomining Malware?
A pair of cybersecurity reports published this week suggests the level of cryptomining malware lurking in the Docker Hub repository is potentially greater than most IT teams realize. Aqua Security, a provider ...
RunC Bug Highlights Docker Security Challenges, But It’s Not Fatal
It’s a Docker admin’s worst nightmare: An attacker compromises a container, then uses it to gain control of the entire host server. A newly discovered security vulnerability in runC enables just that ...
Menlo Security Captures Malware in Containerized Microservices, Part Two
Last time we introduced Menlo Security, a web firm with a twist, making containers with the infected web services and malware trapped inside them disappear, preventing attacks from reach web browsers. Using ...