Security News
Cloud security company Rezilion has analyzed some of the most popular Docker container images and determined that while they include many vulnerabilities, less than half of these flaws pose an actual risk. Rezilion's researchers have analyzed 20 of the most popular container images hosted on DockerHub, the largest library and community for container images.
Thousands of code repositories were found exposed in over one hundred Docker registries that are accessible from the Internet without authentication, Palo Alto Network reports. Docker registries are servers where Docker images are stored and organized into repositories, with each repo containing images of one application and multiple versions of the application, each with a unique tag.
"Although setting up a Docker registry server is straightforward, securing the communication and enforcing the access control requires extra configurations," the company said in a posting on Friday, explaining that researchers found the exposed registries via Shodan and Censys searches. As the security firm explained, Docker registries are essentially cloud servers, which are used to store and organize Docker images.
Learn how to avoid saving your Docker login credentials in plain text by creating an encrypted credential storage.
Learn how to avoid saving your Docker login credentials in plain text by creating an encrypted credential storage. I want to walk you through the process of enabling secure credential storage in Docker.
With 2FA enabled on your Docker Hub account, you'll find you cannot access it with your user password from within the CLI. Jack Wallen shows you how to make this work.
With 2FA enabled on your Docker Hub account, you'll find you cannot access it with your user password from within the CLI. Jack Wallen shows you how to make this work. If you've recently added two-factor authentication to your Docker Hub account, you've more than likely run into a situation where you can no longer access the account from the command line using the standard username/password credentials.
If you're concerned about the security of your code within Docker Hub, you might want to enable two-factor authentication.
Here’s an overview of some of last week’s most interesting news, reviews and articles: “Smart city” governments should also be smart about security While the definition of “smart city” is still...
Security researchers have discovered a cryptojacking worm that propagates using containers in the Docker Engine (Community Edition) and has spread to more than 2,000 vulnerable Docker hosts. “The...