Privileged containers in Docker? A bad idea!

By default, containers run in unprivileged mode, that is, we cannot run Docker daemon inside a Docker container.
However, a privileged Docker container is allowed to access to all the devices on the host woth the same privileges of the process running on the host.

Continue reading “Privileged containers in Docker? A bad idea!”

CVE-2019-14271: a Docker ‘cp’ container escape vulnerability

Researchers from Paloalto Networks’ Unit42 discovered an issue in the implementation of the Docker cp command that can lead to full container escape if exploited by an attacker.

This would allow an attacker full root control of the host and all other containers in it.

Continue reading “CVE-2019-14271: a Docker ‘cp’ container escape vulnerability”

Meet Graboid, the first cryptojacking worm that spreads using Docker images: how to defend your infrastructure from this new threat?

Recently, researchers from Palo Alto Networks’ threat intelligence team Unit 42 have uncovered the first instance case of a cryptojacking worm that propagates via malicious Docker images.

Continue reading “Meet Graboid, the first cryptojacking worm that spreads using Docker images: how to defend your infrastructure from this new threat?”

Docker images under cryptojacking attack: how to check if a downloaded image is safe

Researchers at Kromtech Security Center discovers seventeen malicious Docker containers with embedded cryptominer applications that permitted to cybercriminals to earn $90,000 in 30 days.

Continue reading “Docker images under cryptojacking attack: how to check if a downloaded image is safe”