Security News

The attack technique is script-based and dubbed "Autom", because it exploits the file "Autom.sh". Attackers have consistently abused the API misconfiguration during the campaign's active period, however the evasion tactics have varied - allowing adversaries to fly under the radar, wrote Aquasec's research arm Team Nautilus in a report published Wednesday.

Are you looking to deploy an in-house password manager server? Jack Wallen shows you how with Bitwarden and Docker. If you're seriously concerned about security and would rather not save your password database on a third-party server, you might want to consider deploying your own Bitwarden server.

Poorly configured Docker servers and being actively targeted by the TeamTNT hacking group in an ongoing campaign started last month. As illustrated in an attack workflow, the attack starts with creating a container on the vulnerable host using an exposed Docker REST API. TeamTNT then uses compromised, or actor-controlled Docker Hub accounts to host malicious images and deploy them on a targeted host.

Docker announced a new subscription plan for enterprises and free access to Docker Desktop for personal use, educational institutions, non-commercial open-source projects and small businesses. First, Docker is introducing a new product subscription: Docker Business.

Five malicious Docker container images were recently detected on Docker Hub, totaling more than 120,000 pulls. There's a new threat cybersecurity teams need to watch out for: malicious Docker containers hiding on legitimate sites like Docker Hub, where Aqua Security's threat research arm, Team Nautilus, found five images accounting for a whopping 120,000 pulls by unsuspecting users.

If you can't find your favorite Windows Subsystem for Linux distribution available in the Microsoft Store, a new program called EasyWSL can convert almost any Linux Docker image into a WSL distro. The Microsoft Store offers many prebuilt Linux WSL distributions such as Fedora, Ubuntu, Alpine, Kali, Debian, and more.

Jack Wallen shows you how to configure specific DNS servers for your Docker container deployments. You do not want your containers using the same DNS as your hosts.

Cybersecurity researchers have disclosed a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control communications. "The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions," researchers from Trend Micro said in a report published last week.

That's why Docker has expanded and improved its trusted content offerings for software developers with the launch of the Docker Verified Publisher Program. Docker, which shed its container engine and control plane to Mirantis in 2019, has been focusing on improving and securing its Docker Hub, the most popular service for finding and sharing container images.

Docker Bench for Security is a simple way of checking for common best practices around your Docker deployments in production. One such tool is a pre-built container, called Docker Bench for Security-it does a great job of auditing your container host and the currently running deployments.