Browsing tag

Docker

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an “adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine,” Australian cybersecurity […]

New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic

Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying the XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. “This is the first documented case of malware deploying the 9Hits application as a payload,” cloud security firm Cado said, adding […]

Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining

A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. “The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack,” cloud security firm Aqua said in a report shared with The Hacker News. The […]

Hacker wipes out database of RSS newsreader service NewsBlur

The hacker controlled 250GB worth of the NewsBlur database and ransomed it before deleting it. NewsBlur is a US-based software company that runs an online RSS newsreader service. NewsBlur suffered a service outage after a hacker wiped its database. Reportedly, the hacker (or script kiddie, as NewsBlur’s founder called it) gained access to its database […]

Dr. ROBOT – Domain Reconnaissance and Enumeration

Introduction: Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating systems, and different languages, Dr. ROBOT is built to be highly portable and configurable. Use Case: Gather as many public facing servers that a target organization possesses. Querying DNS resources […]

A new critical race condition vulnerability in Docker

According to IT security audit specialists, all versions of the Docker software are impacted by a race condition vulnerability that, if exploited, could allow hackers to access the compromised system with root privileges. In the CVE-2018-15664 vulnerability report, it is explained that the API endpoints of ‘Docker cp’, a command to copy files between the host […]

Change your password: Docker suffers breach; 190k users affected

Microsoft says its official Microsoft images hosted in Docker Hub have not been compromised. The company behind Docker, a computer program developed to manage operating-system-level virtualization, has announced that it has suffered a data breach and, as a result, one of the Docker Hub databases has been accessed by unknown hackers. The attack was detected on […]

Data breach at Docker; hackers steal access keys for almost 200k accounts

In recent days, a still-unidentified hacker group gained unauthorized access to a database at Docker, a company dedicated to programmer software development, compromising around 200k users’ accounts, as reported by cyber forensics course specialists. Docker allows developers to run software packages (containers), which are employed by some of the world’s leading technology companies. According […]

Docker Hub Suffers a Data Breach, Asks Users to Reset Password

Docker Hub, one of the largest cloud-based libraries of Docker container images, has suffered a data breach after an unknown attacker gained access to the company’s single Hub database. Docker Hub is an online repository service where users and partners can create, test, store and distribute Docker container images, both publicly and privately. The breach […]

The Docker Bench For Security – A Script That Checks For Dozens Of Common Best-Practices Around Deploying Docker Containers In Production

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production. The tests are all automated, and are inspired by the CIS Docker Community Edition Benchmark v1.1.0. We are releasing this as a follow-up to our Understanding Docker Security and Best Practices blog post. We […]

Misconfigurations on Docker services allow cryptojacking attacks

A set of scripts compromises the security of Docker services. According to reports of cybersecurity and digital forensics specialists from the International Institute of Cyber Security, malicious hackers seeking an easy way to mine cryptocurrency without the users’ consent are actively attacking publicly exposed Docker services. According to specialists, hackers use a malicious script capable of […]

GOSINT – Open Source Threat Intelligence Gathering and Processing Framework

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third […]

MHA – Mail Header Analyzer

Mail header analyzer is a tool written in Flask for parsing email headers and converting them to a human-readable format. It can also: identify hop delays; identify the source of the email; identify the hop country. MHA is an alternative for the following (Name / Dev / Issues): MessageHeader / Google / Not showing all the hops. EmailHeaders […]

changeme – A Default Credential Scanner

About: Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are stored in yaml files so they can be both easily read by humans and […]

Raspberry Pi + Docker: HypriotOS 1.0.0 Linux Brings Containers To Your Pi

Short Bytes: HypriotOS 1.0.0 release recently arrived. It enables you to run Docker containers on the entire Raspberry Pi family. HypriotOS is a Debian derivative that comes with Docker Engine 1.12.1 out of the box. You simply need to install HypriotOS on your SD card using the Hypriot flash tool and run a couple of commands to get this OS up and […]

Microsoft Brings Linux-based Docker Containers To Windows 10

Short Bytes: The latest Windows 10 Insider Build has brought Hyper-V container support to Windows. This will allow a user to run Linux-based Docker containers natively on the Windows 10 operating system. Microsoft has also shared a quick-start guide to help you deploy your first container. In my previous post on Windows 10, I told you […]

Getting Started With Docker – Docker Ecosystem And Terminologies (Part -2)

Short Bytes: Docker images, Docker containers, Docker Hub, Compose, Machine, Swarm etc. are frequently used terms when working with Docker. In this article, we will explain the various terms used in the Docker ecosystem to help you get started with the next step. In getting started with Docker – Part-1, we outlined the fundamental concepts of Linux containers […]