Crypto-mining malware fiends exploit insecure Docker installations with botnet
December 2nd, 2020 📆 | 6810 Views ⚑
John Leyden 02 December 2020 at 16:50 UTC Updated: 02 December 2020 at 17:19 UTC There’s something nasty in that
Browsing the "docker" Tag
Tagged with: botnet • crypto • cryptomining • docker • exploit • fiends • insecure • installations • malware • mining
Crypto-mining malware fiends exploit insecure Docker installs with botnet
December 2nd, 2020 📆 | 4627 Views ⚑
There’s something nasty in that container Cybercriminals have been caught exploiting misconfigured Docker installations to spread crypto-mining malware. Researchers at
Tagged with: botnet • crypto • cryptomining • docker • exploit • fiends • insecure • installs • malware • mining
Misconfigured Docker Servers Under Attack By Xanthe Malware
December 2nd, 2020 📆 | 8489 Views ⚑
Misconfigured Docker Servers Under Attack By Xanthe Malware Source link
Tagged with: attack • botnet • Cisco Talos • cryptomining • docker • docker API • hacks • malware • misconfigured • Mobile Security • monero • privacy • servers • SSH • under • vulnerabilities • Web Security • xanthe • xmrig
TeamTNT Gains Full Remote Takeover Of Cloud Instances
September 10th, 2020 📆 | 6184 Views ⚑
TeamTNT Gains Full Remote Takeover Of Cloud Instances Source link
Tagged with: backdoor • cloud • cloud instances • cloud security • cyberattacks • docker • docker image • fileless • Full • gains • hacks • instances • intezer • kubernetes • malware • microsoft • Mobile Security • privacy • remote • remote takeover • takeover • teamtnt • vulnerabilities • weave scope • Web Security
A Tale of Escaping a Hardened Docker container
August 25th, 2020 📆 | 4337 Views ⚑
Legend has it that before his death, Harry Houdini once said: “if it is truly possible for someone to return
Tagged with: container • docker • escaping • hardened • tale
Docker Privileged Container Escape ≈ Packet Storm
August 7th, 2020 📆 | 4178 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## # POC modified from https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/class MetasploitModule < Msf::Exploit::LocalRank = NormalRanking prepend
Tagged with: advisory • container • CSRF • docker • escape • exploit • overflow • packet • privileged • scanner • security • storm • vulnerability • whitepaper • XSS
Botnet abuses Docker servers & crypto blockchain to deliver Doki backdoor
July 30th, 2020 📆 | 1979 Views ⚑
As user organizations move more of their business infrastructure off premises, cybercriminals become increasingly motivated to target Linux-based cloud environments,
Tagged with: abuses • backdoor • blockchain • botnet • crypto • deliver • docker • Doki • servers
CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS – Monterey County Weekly
July 21st, 2020 📆 | 6756 Views ⚑
CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS Monterey County Weekly Source link
Tagged with: AWS • capabilities • cloud • CloudPassage • Containerrelated • county • docker • expands • kubernetes • monterey • security • services • weekly
CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS
July 21st, 2020 📆 | 7905 Views ⚑
SAN FRANCISCO, July 21, 2020 /PRNewswire/ — CloudPassage, a recognized leader in cloud computing security and compliance, announced expanded container-related security
Tagged with: AWS • capabilities • cloud • CloudPassage • Containerrelated • docker • expands • kubernetes • security • services
Docker attackers devise clever technique to avoid detection
July 16th, 2020 📆 | 8060 Views ⚑
In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they
Tagged with: attackers • avoid • clever • detection • devise • docker • technique
Docker and Snyk Announce Partnership to Streamline Container Vulnerability Scanning for Developers
May 31st, 2020 📆 | 5729 Views ⚑
Millions of developers to benefit from Snyk’s vulnerability scanning natively integrated into the Docker workflow for faster and more secure
Tagged with: announce • container • containers • developers • docker • Inc. • partnership • scanning • security • Snyk • streamline • vulnerability
Docker Desktop danger discovered, patch now – Naked Security
May 26th, 2020 📆 | 2138 Views ⚑
Docker has fixed a vulnerability that could have allowed an attacker to gain control of a Windows system using its
Tagged with: danger • desktop • discovered • docker • docker desktop for windows • docker desktop service • microsoft web server • naked • patch • Privilege Escalation • security • vulnerability • windows
Privilege escalation vulnerability patched in Docker Desktop for Windows
May 22nd, 2020 📆 | 6448 Views ⚑
A severe privilege escalation vulnerability has been patched in the Windows Docker Desktop Service. On Friday, cybersecurity researchers from Pen
Tagged with: desktop • docker • escalation • patched • privilege • vulnerability • windows
Docker partners with Snyk on container image vulnerability scanning
May 20th, 2020 📆 | 1616 Views ⚑
Software container company Docker Inc. says it’s teaming up with the British cybersecurity startup Snyk Ltd. to provide what it
Tagged with: container • docker • image • partners • scanning • vulnerability
Docker-Credential-Wincred.exe – Privilege Escalation (Metasploit)
May 1st, 2020 📆 | 4208 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ManualRanking include
Tagged with: credential • CVE-2019-15752 • docker • DockerCredentialWincredexe • escalation • local • metasploit • privilege • wincred • windows
Docker-Credential-Wincred.exe Privilege Escalation ↭
April 27th, 2020 📆 | 6748 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::LocalRank = ManualRanking include Msf::Exploit::EXEinclude Msf::Exploit::FileDropperinclude Post::Windows::Privinclude Post::Windows::Runas
Tagged with: advisory • credential • CSRF • docker • DockerCredentialWincredexe • escalation • exploit • overflow • privilege • scanner • security • vulnerability • whitepaper • wincred • XSS
Poorly Secured Docker Image Comes Under Rapid Attack
April 17th, 2020 📆 | 5995 Views ⚑
Poorly Secured Docker Image Comes Under Rapid Attack Source link
Tagged with: attack • comes • docker • image • poorly • rapid • secured • under
Zoom, Kubernetes, and Hacking – PSW #646
April 10th, 2020 📆 | 5197 Views ⚑
A little about Zoom vulnerabilities and data leaks and Cisco Webex vulnerabilities. We talk about security Kubernetes and how the
Tagged with: ): Zoom • Application Security • breaches • cloud security • coding • container security • cyber crime • cyber security • DevSecOps • docker • exploits • firewall • hacker • hacking • kubernetes • network security • open-source • openshift • programmer • programming • PSW • software • software vulnerabilty • threats • vulnerabilities
If you don’t cover your Docker daemon API port you’ll have a hell of a time… because cryptocreeps are hunting for it • The Register
April 8th, 2020 📆 | 5669 Views ⚑
Some Docker installations are getting hammered by malware skiddies hoping to mine digital cash using other people’s CPU time. Infosec
Tagged with: API • because • cover • cryptocreeps • daemon • docker • Dont • hell • hunting • Port • register • Time • Youll
Docker Users Targeted with Crypto Malware Via Misconfigured APIs
April 6th, 2020 📆 | 5902 Views ⚑
Hackers are attempting to compromise Docker servers en masse via exposed APIs in order to spread cryptocurrency mining malware, according
Tagged with: APIs • crypto • docker • malware • misconfigured • targeted • users
Popular
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…![[webapps] Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)](https://www.digitalmunition.me/wp-content/uploads/spider-orange.png "[webapps] Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)")
[webapps] Sony Playstation 4 (PS4) < 7.02 -… December 26, 2020 Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit…
4 Most Common Types of Cybersecurity Threats December 25, 2020 There’s every indication that the pandemic is changing the…
Members
Comments