Security News > 2021 > August > Security alert: The threat is coming from inside your Docker container images
Five malicious Docker container images were recently detected on Docker Hub, totaling more than 120,000 pulls.
There's a new threat cybersecurity teams need to watch out for: malicious Docker containers hiding on legitimate sites like Docker Hub, where Aqua Security's threat research arm, Team Nautilus, found five images accounting for a whopping 120,000 pulls by unsuspecting users.
Team Nautilus is further warning that the malicious Docker images could be part of a larger software supply chain attack with its eyes on disrupting cloud-native environments.
The other two malicious Docker images-openjdk and golang-attempt to trick users into believing they are images for the open source Java implementation OpenJDK and open-source programming language Go. It's these that are likely part of a supply chain attack aiming to infect the companies that pull those images.
"Create a curated internal registry for base container images and limit who can access public registries. Enact policies that ensure container images are vetted before they are included in the internal registry," Morag said.
"It's important to ensure that the container images in use are the same ones that have been vetted and approved," Morag said.
News URL
Related news
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority (source)
- MUT-1244 targeting security researchers, red teamers, and threat actors (source)
- Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat' (source)
- Are threat feeds masking your biggest security blind spot? (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)