In the evolving landscape of container orchestration, Kubernetes has emerged as the de facto standard due to its flexibility, scalability, and robust...
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the...
Microsoft Azure Bastion and Azure Container Registry have each been found to have one potentially “dangerous” security flaw that, if taken advantage...
Rules_oci, an open-sourced Bazel plugin (“ruleset”) that makes it easier and more secure to create container images using Bazel, has been made...
Researchers at TrendMicro have uncovered a new risk to Docker containers, a piece of malware that they have called “TrafficStealer.” The purpose...
A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. “The attacker exploited a...
Cybersecurity specialists from Palo Alto Networks mention that patches released by Amazon Web Services (AWS) to address vulnerabilities in Log4j could be...
A report by CrowdStrike reveals that an extreme weakness affecting the CRI-O container engine for Kubernetes could be utilized to break free...
Cybersecurity specialists report the detection of a severe vulnerability in the Linux kernel whose exploitation would allow threat actors to escape from...
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in...
Microsoft was informed about the vulnerability by Google but the company claimed it to be a “non-issue” and that it “will not...
Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a...
Project Zero, Google’s cybersecurity unit, published research detailing its analysis of the Windows firewall and AppContainer, Microsoft’s runtime environment that restricts applications...
Using Windows Server in a “Windows container”? Then beware of it, as recently, it has been confirmed that highly sophisticated malware has...
A group of researchers has found a new malware variant designed to breach the security of Windows containers in order to reach...
Security researchers have discovered the first known malware, dubbed “Siloscope,” targeting Windows Server containers to infect Kubernetes clusters in cloud environments. “Siloscape...
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It...
Cybersecurity specialists from Intezer report the finding of a privilege escalation vulnerability in Microsoft Azure Functions whose exploitation would allow threat actors...
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments. Quick reference Where to get help: the Pacu/CloudGoat/CCAT...
Researchers discovered a critical vulnerability in Docker that allows an attacker to take complete control of the host and the containers associated...
ArmourBird CSF – Container Security Framework is an extensible, modular, API-first framework build for regular security monitoring of docker installations and...