By default, containers run in unprivileged mode, that is, we cannot run Docker daemon inside a Docker container.
Continue reading “Privileged containers in Docker? A bad idea!”
However, a privileged Docker container is allowed to access to all the devices on the host woth the same privileges of the process running on the host.
Researchers from Paloalto Networks’ Unit42 discovered an issue in the implementation of the Docker cp command that can lead to full container escape if exploited by an attacker.
This would allow an attacker full root control of the host and all other containers in it.
Continue reading “CVE-2019-14271: a Docker ‘cp’ container escape vulnerability”
Recently, researchers from Palo Alto Networks’ threat intelligence team Unit 42 have uncovered the first instance case of a cryptojacking worm that propagates via malicious Docker images.
Continue reading “Meet Graboid, the first cryptojacking worm that spreads using Docker images: how to defend your infrastructure from this new threat?”
Some time ago I’ve written a post about Tor Onion Services (formerly known as hidden services), and how to host them on a spare android smartphone.
Continue reading “Easily setup a Onion Service using Docker”
Researchers at Kromtech Security Center discovers seventeen malicious Docker containers with embedded cryptominer applications that permitted to cybercriminals to earn $90,000 in 30 days.
Continue reading “Docker images under cryptojacking attack: how to check if a downloaded image is safe”