https://dev.to/manishfoodtechs/why-hackers-first-love-a-docker-container-hacking-docker-l97
The port 2375 is the de-facto standard for the Docker API. As it stands, the endpoint is unauthenticated and unencrypted.

Kubernetes Machine Learning Hacked for Crypto Mining in Azure Cloud
https://visualstudiomagazine.com/articles/2020/06/24/azure-attack.aspx

5 KUBERNETES SECURITY INCIDENTS AND WHAT WE CAN LEARN FROM THEM
http://techgenix.com/5-kubernetes-security-incidents/

Docker servers infected with DDoS malware in extremely rare attacks
https://www.zdnet.com/article/docker-servers-infected-with-ddos-malware-in-extremely-rare-attacks/

A slew of misconfigured Docker container registries has inadvertently exposed source code for 15,887 unique versions of applications owned by research institutes, retailers, news media organizations and technology companies.
https://threatpost.com/docker-registries-malware-data-theft/152734/

Half of all Docker Hub images have at least one critical vulnerability
https://www.csoonline.com/article/3599454/half-of-all-docker-hub-images-have-at-least-one-critical-vulnerability.html

New Docker Container Escape Bug Affects Microsoft Azure Functions
https://thehackernews.com/2021/01/new-docker-container-escape-bug-affects.html

https://www.reddit.com/r/freebsd/comments/5vfj3w/docker_vs_jails/de1ujes?utm_source=share&utm_medium=web2x&context=3
People who say it's not a black and white issue are just flat out wrong. Do you care about security? Unless the answer is "I don't care that everybody on my system IS ROOT," Docker automatically fails. uid 0 is uid 0, period. Meaning a container can drop a rootkit onto a volume and own the host. cgroups do not even slightly mitigate this - they actively ENABLE it in fact. Class dismissed.