ArmourBird CSF – Container Security Framework

ArmourBird CSF – Container Security Framework is an extensible, modular, API-first framework built for regular security monitoring of Docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two components: a) CSF Client: This component is responsible for monitoring the Docker installations, […]

Botb – A Container Analysis And Exploitation Tool

BOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly with common CI/CD technologies. What does it do? BOtB is a CLI tool which allows you to: exploit common container vulnerabilities; perform common container post-exploitation actions; provide capability when certain tools or […]

Armourbird – Container Security Framework

ArmourBird CSF – Container Security Framework is an extensible, modular, API-first framework built for regular security monitoring of Docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two components: a) CSF Client: This component is responsible for monitoring the Docker installations, containers, […]

Dockernymous – Create a Whonix-like gateway environment with Docker Containers

Dockernymous is a start script for Docker that runs and configures two individual Linux containers in order to act as an anonymization workstation-gateway setup. It’s aimed towards experienced Linux/Docker users, security professionals and penetration testers! The gateway container acts as an Anonymizing Middlebox (see https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy) and routes ALL traffic from the workstation container through […]

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts

A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux containers and obtain unauthorized, root-level access to the host operating system. The vulnerability, identified as CVE-2019-5736, was discovered by open source security researchers Adam Iwaniuk and Borys Popławski and publicly […]

Linux, Red Hat, Amazon and Azure users using runtime container runC affected by new vulnerability

Vulnerability has a score of 7.2/10 on the CVSS scale. Linux system users are dealing with a new threat. According to network security and ethical hacking specialists from the International Institute of Cyber Security, a critical vulnerability has been discovered affecting the runC runtime container function that works with Docker, cri-o, containerd and Kubernetes. RunC […]

The Docker Bench For Security – A Script That Checks For Dozens Of Common Best-Practices Around Deploying Docker Containers In Production

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production. The tests are all automated, and are inspired by the CIS Docker Community Edition Benchmark v1.1.0. We are releasing this as a follow-up to our Understanding Docker Security and Best Practices blog post. We […]

“Fedora CoreOS” Announced: Combines Best Of Container Linux And Atomic Host

The Fedora Project Leader Matthew Miller has announced Fedora CoreOS. It’s a big announcement as it’s going to serve as the new upstream to Red Hat’s CoreOS. For those who need some context, earlier this year, Red Hat acquired Container Linux by CoreOS. As per the official blog post, Fedora CoreOS is going to be built […]

ATTACK USES DOCKER CONTAINERS TO HIDE, PERSIST, PLANT MALWARE

LAS VEGAS—A novel attack vector allows for adversaries to abuse the Docker API to hide malware on targeted systems, and even execute remote code. The proof of concept attack was developed by researchers at Aqua Security, and the technique was first demonstrated today at Black Hat by Sagie Dulce, senior security researcher, with Aqua Security. […]

‘Android for Work’ Security Containers Bypassed with Relative Ease

Mobile security experts from Skycure have found two methods for bypassing the security containers put around “Android for Work,” allowing attackers to access business data saved in this seemingly secure environment. “Android for Work” is a security mechanism that Google added in Android with version 5.0 (Lollipop), which it launched in 2015. Currently rebranded under […]

DOCKER PATCHES CONTAINER ESCAPE VULNERABILITY

Docker has patched a privilege escalation vulnerability (CVE-2016-9962) that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container. The vulnerability is rated high severity by some Linux distributions such as Arch Linux, which traces the problem to a bug found in the “opencontainers’ runc” code, used […]

Raspberry Pi + Docker: HypriotOS 1.0.0 Linux Brings Containers To Your Pi

Short Bytes: HypriotOS 1.0.0 release recently arrived. It enables you to run Docker containers on the entire Raspberry Pi family. HypriotOS is a Debian derivative that comes with Docker Engine 1.12.1 out of the box. You simply need to install HypriotOS on your SD card using the Hypriot flash tool and run a couple of commands to get this OS up and […]

Microsoft Brings Linux-based Docker Containers To Windows 10

Short Bytes: The latest Windows 10 Insider Build has brought Hyper-V container support to Windows. This will allow a user to run Linux-based Docker containers natively on the Windows 10 operating system. Microsoft has also shared a quick-start guide to help you deploy your first container. In my previous post on Windows 10, I told you […]

Getting Started With Docker – Intro to Containers World (Part -1)

Short Bytes: Linux containers (LXC) are very popular these days among developers and companies (perhaps due to Docker, which leverages LXC on the back-end). LXC, being lightweight, serves as an alternative to full machine virtualization such as that provided by “traditional” hypervisors like VirtualBox, VMware, KVM, Xen, or ESXi. Today, we are starting a complete […]