Aqua Blog

Container Vulnerability

Docker API Honeypots

Threat Alert: Maneuver Docker API for Host Takeover

Docker clients can communicate with the daemon either locally, via a unix socket, or over a network via a TCP socket. Aqua's research team discovered an interesting attack vector running on top of an unsecured Docker socket API. Instead of running a malicious Docker image, the attacker changes the traditional …

Continue reading ›
CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions

CVE-2019-14287 sudo Vulnerability Allows Bypass of User Restrictions

A new vulnerability was discovered earlier this week in the sudo package. Sudo is one of the most powerful and commonly used utilities installed on almost every UNIX and Linux-based operating system.

Continue reading ›
container security

Crypto-mining Attack: The Container Security Demo that Went Terribly Right

Sometimes life, a.k.a., the internet, throws us a bone when it comes to running demonstrations on security tools.   

Continue reading ›
Kubernetes Security

CVE-2019-11246: Another kubectl Path Traversal Vulnerability Disclosed

A new vulnerability (CVE-2019-11246) was disclosed that enables path traversal in kubectl, the popular command line interface for running commands on Kubernetes clusters. What’s interesting about this CVE is that we’ve already seen two previous variations of the same vulnerability disclosed and patched. Read on to …

Continue reading ›
Docker Image Vulnerability Scanning

CVE-2019-5021: Alpine Docker Image ‘null root password’ Vulnerability

A new vulnerability that impacts Alpine Docker images was published last week. The vulnerability is due to the ‘root’ user password which is set, by default, to NULL on Alpine Docker images from version 3.3 or higher.

Continue reading ›
container security

Vulnerabilities in the Container Ecosystem: A Brief History

Now that containers have been around for a few years and have had their share of disclosed vulnerabilities, it’s time to revisit some of the more interesting ones and see if there’s a recurring theme or any underlying trend to highlight.

Continue reading ›
Docker_Hub_Incident_2nologo

Docker Hub Unauthorized Access Incident: What You Should Know

A few days ago, Docker discovered that a database holding the credentials of some 190,000 Docker Hub accounts was exposed to unauthorized access (about 5% of all Docker Hub accounts). We’ve been getting questions from customers on this, so I wanted to set the record straight on what we know and what we recommend doing.

Continue reading ›
Kube-hunter - an open source tool for Kubernetes penetration testing

Kube-hunter - an open source tool for Kubernetes penetration testing

Aqua released a free tool called kube-hunter to help with Kubernetes SecurityYou give it the IP or DNS name of your Kubernetes cluster, and kube-hunter probes for security issues - it’s like automated penetration testing. 

Continue reading ›
SystemCalls_Profiling_BLOG-315_650.png

Aqua 3.2: Preventing Container Breakouts with Dynamic System Call Profiling

Recently, IBM researchers weighed in on container isolation, having developed an algorithm for measuring how well it works, and reached the conclusion that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor."

Continue reading ›
stackclash bugs.png

Bugs Gone Wild: Container (Stack) Clash and CVE-2017-1000253

A “Stack Clash” is a vulnerability in the memory management of several operating systems, including Linux. It can be exploited by attackers to corrupt memory of a privileged process in order to execute arbitrary code.

Continue reading ›
Equifax breach

Equifax Breach Hindsight - What If They Used Containers?

What are the chances that your name, address and social security number have been stolen? If you are an American citizen, the answer is ‘about 50/50’. The reason, perhaps not surprisingly, is a recent data breach. Records of 143M customers of Equifax, a large credit reporting company, were stolen.

Continue reading ›

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...