MITRE ATT&CK v9 is out and includes ATT&CK for Containers
The Mitre Corporation has released the ninth version of its ATT&CK knowledge base of adversary tactics and techniques, which now also includes a newly created ATT&CK …
Most containers are running as root, which increases runtime security risk
While container usage reveals organizations are shifting left by scanning images during the build phase, DevOps teams are still leaving their environments open to attack, …
Canonical publishes set of secure container application images
Canonical has published the LTS Docker Image Portfolio, a curated set of secure container application images, on Docker Hub. The LTS Docker Image Portfolio comes with up to …
Cybersecurity training: Learn how to secure containerized environments
Driven by a strong curiosity to know how computers and computer programs are made, how they work, and how safe they are, Sheila A. Berta, Head of Security Research at Dreamlab …
Docker Enterprise Container Cloud helps enterprises ship code faster on public and private clouds
Docker Enterprise Container Cloud offers enterprises unprecedented speed to ship code faster on public clouds and on premise infrastructure. It simplifies Kubernetes with one …
Updated cryptojacking worm steals AWS credentials
A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services (AWS) credentials. What’s more, …
CloudPassage Halo’s new capabilities support generic Docker hosts, Kubernetes nodes, and AWS ECS
CloudPassage announced expanded container-related security capabilities for its award-winning Halo cloud security platform. A range of Halo’s capabilities have been …
Cryptojacking worm compromised over 2,000 Docker hosts
Security researchers have discovered a cryptojacking worm that propagates using containers in the Docker Engine (Community Edition) and has spread to more than 2,000 …
Sectigo integrates with five DevOps configuration management and container orchestration platforms
Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, released integrations with five of …
Attackers breached Docker Hub, grabbed keys and tokens
Docker, the company behing the popular virtualization tool bearing the same name, has announced late on Friday that it has suffered a security breach. There was no official …
RunC container escape flaw enables root access to host system
A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged …
Docker announces Docker Desktop Enterprise for building and deploying container-based solutions
Docker unveiled Docker Desktop Enterprise, a new desktop product that is the way to deliver enterprise production-ready containerized applications. With Docker Desktop …