Security News

Docker expands its trusted container offerings
2021-05-28 19:51

That's why Docker has expanded and improved its trusted content offerings for software developers with the launch of the Docker Verified Publisher Program. Docker, which shed its container engine and control plane to Mirantis in 2019, has been focusing on improving and securing its Docker Hub, the most popular service for finding and sharing container images.

How to use Docker Bench for Security to audit your container deployments
2021-04-08 17:38

Docker Bench for Security is a simple way of checking for common best practices around your Docker deployments in production. One such tool is a pre-built container, called Docker Bench for Security, which does a great job of auditing your container host and the currently running deployments.

Malicious Docker Cryptomining Images Rack Up 20M Downloads
2021-03-30 20:22

At least 30 malicious images in Docker Hub, with a collective 20 million downloads, have been used to spread cryptomining malware, according to an analysis. The malicious images have raked in around $200,000 from cryptomining, according to Aviv Sasson, researcher with Palo Alto Networks' Unit 42, who found and reported the malicious activity.

Docker Hub images downloaded 20M times come with cryptominers
2021-03-29 18:30

Researchers found that more than two-dozen containers on Docker Hub have been downloaded more than 20 million times for cryptojacking operations spanning at least two years. Docker Hub is the largest library of container applications, allowing companies to share images internally or with their customers, or the developer community to distribute open-source projects.

New Docker Container Escape Bug Affects Microsoft Azure Functions
2021-01-27 07:59

Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. Following disclosure to Microsoft, the Windows maker is said to have "determined that the vulnerability has no security impact on Function users, since the host itself is still protected by another defense boundary against the elevated position we reached in the container host."

Analysis of 4 Million Docker Images Shows Half Have Critical Vulnerabilities
2020-12-02 14:16

Container security company Prevasio has analyzed 4 million public Docker container images hosted on Docker Hub and found that over half of them had critical vulnerabilities and thousands of images included malicious or potentially harmful elements. The cybersecurity firm used its Prevasio Analyzer service to analyze all the container images on Docker Hub, the largest library and community for container images.

Misconfigured Docker Servers Under Attack by Xanthe Malware
2020-12-01 21:51

Researchers first discovered Xanthe targeting a honeypot, which they created with the aim of discovering Docker threats. Misconfigured Docker servers are another way that Xanthe spreads.

Canonical Publishes Secure Container Application Images on Docker Hub
2020-11-24 15:31

Canonical, the publisher of the Ubuntu Linux distribution, announced on Tuesday that it has made available long-term support container images on Docker Hub, promising up to 10 years of security maintenance. Some of these hardened images have a five-year free security maintenance period - the standard security maintenance of the underlying Ubuntu LTS - while customers of Ubuntu Pro are provided access to ten-year Extended Security Maintenance images.

Docker Enterprise Container Cloud helps enterprises ship code faster on public and private clouds
2020-09-18 00:30

Docker Enterprise Container Cloud offers enterprises unprecedented speed to ship code faster on public clouds and on premise infrastructure. "Docker Enterprise Container Cloud and Lens will enable businesses to streamline delivery of hundreds of daily deployments across thousands of apps, overcoming the complexity of Kubernetes development at enterprise scale," said Mirantis customer Don Bauer, Docker Captain and VP Technology Services / DevOps Manager.

Doki Backdoor Infiltrates Docker Servers in the Cloud
2020-07-30 17:00

A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: Using a blockchain wallet for generating command-and-control domain names. The campaign starts with an increasingly common attack vector: The compromise of misconfigured Docker API ports.