In just about a week we will be live on stage at BlackHat 2017 with this tersely titled talk: Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers …
DevOps professionals continue to believe they can’t do their jobs properly because security slows down operations. Security pros, meanwhile, have largely failed to integrate security measures into DevOps initiative, resulting in unproductive …
RunC Like the Wind
Recently, an interesting vulnerability was discovered (CVE-2016-9962) that enables container escape to the host. The vulnerability stems from a bug found in opencontainers' runc code, which is used by several container engines, …
December 26, 2016
Cisco CloudCenter Orchestrator Docker Privilege Escalation Vulnerability Explained
Cisco announced a few days ago that it discovered and fixed a critical vulnerability in its CloudCenter Orchestrator, whereby a misconfiguration caused the Docker Engine management port to be reachable outside of the CloudCenter Orchestrator …
Working with several customers who are "heavy" adopters of Docker containers, we've seen environments where thousands of Docker images are built on almost a daily basis. Organizations that fully commit to continuous integration often commit …
Last month we announced support for Windows containers and automating image scanning as a step in Microsoft VSTS. I'm happy to announce that Aqua supports the new (yet to be officially released) Azure Container Registry, or ACR.
There has been plenty of buzz lately regarding an old-new privilege escalation vulnerability, adorably named “Dirty COW” after the Copy-On-Write memory protection in the Linux kernel. The whole thing started roughly eleven years ago, when a …