Severe Privilege Escalation Vulnerability in Kubernetes (CVE-2018-1002105)

Severe-Privilege--BLOG-650_315.png

Earlier this week, a severe vulnerability in Kubernetes (CVE-2018-1002105) was disclosed that allows an unauthenticated user to perform privilege escalation and gain full admin privileges on a[…]

"Jack-in-the-Box" Vulnerability When Unpacking Images (CVE-2018-8115)

jack-in-the-box-cve.png

Last week, Michael Hanselmann published details of a remote code execution vulnerability (CVE-2018-8115) that impacts Docker for Windows. As he described it: “Docker for Windows uses the Windows[…]

Aqua’s New MicroScanner: Free Image Vulnerability Scanner for Developers

Aqua’s new MicroScanner_ Free Image Vulnerability Scanner for Developers

At Aqua we’ve been working on a new, free-to-use tool for scanning your container images for package vulnerabilities. MicroScanner uses the same vulnerability database as Aqua’s best-in-class[…]

Using Aqua to Secure Applications on Pivotal Cloud Foundry

PCF banner.png

Many organizations use Pivotal Cloud Foundry (PCF), one of the world’s most powerful cloud-native platforms. PCF enables developers and operators to iterate rapidly, and help expand and launch[…]

Protecting Hybrid-Cloud Workloads? Lessons from ESG Survey

Protecting Hybrid-Cloud Workloads Lessons from ESG Survey

Today’s #1 Attack: Zero-day exploits of new and previously unknown vulnerability in apps and OSs

Container Security Top Challenges: Lack of adequate and disparate security tools, vulnerabilities[…]

eBPF Vulnerability (CVE-2017-16995): When the Doorman Becomes the Backdoor

ebpf vulnerability backdoor

Co-written by Nahman Khayet and Michael Cherny

eBPF Verifier Bypass Vulnerability

Around the last week of December a tweet by Bruce Leidl caught our eyes, since it said “Straight up unlimited R/W[…]

Do Containers Provide Better Protection Against Meltdown and Spectre?

meltdown_bg.png

About Meltdown and Spectre

Following the trend of ‘branding’ vulnerabilities, Meltdown and Spectre vulnerabilities (CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715) are ‘brand’ names given to[…]

How Aqua Scans Container Images On-Demand From The AWS Marketplace

blog-pps.png

Today we announced the availability of a new offering on AWS - our on-demand, pay-per-scan security scanner for container images is now available in the AWS Marketplace. The scanner is a[…]

Survey Reveals: Detecting Vulnerabilities in Images and Managing Secrets Are Top Focus

Container Security in The Enterprise Survey- Detecting Vulnerabilities in Images and Secrets Management Are Top Focus Areas – For Now (2).png

Last month at DockerCon Europe we learned that container adoption is rising to a whole new level with 24 billion container downloads and 77K% growth in Docker job listings. This is when Docker[…]

Bugs Gone Wild: Container (Stack) Clash and CVE-2017-1000253

stackclash bugs.png

A “Stack Clash” is a vulnerability in the memory management of several operating systems, including Linux. It can be exploited by attackers to corrupt memory of a privileged process in order to […]

Subscribe to Email Updates