Search results: dockerhub

DockerHub database breach exposes 190K customer data including tokens for GitHub and Bitbucket repositories

On Friday, DockerHub informed its users of a security breach in its database via an email written by Kent Lamb, Director of Docker Support. The breach exposed sensitive information including some usernames and ...

Kubernetes Security: Sensitive Secrets Exposed

Cybersecurity researchers are warning of Kubernetes security issues amid the exposure of configuration secrets. Such exposure is deemed to put organizations at risk of supply chain attacks. Researchers believe ...

Controlled Shift Left: A Strategic Blueprint for Modern Software Security with Cycode

In the dynamic realm of software development, the concept of “Shift Left” has evolved from a mere buzzword to a necessity... The post Controlled Shift Left: A Strategic Blueprint for Modern Software ...

Shadow Tokens: Persistence Under The Radar

Exposed credentials are one of the most abused methods for gaining initial access... The post Shadow Tokens: Persistence Under The Radar appeared first on Cycode ...

Finding leaked credentials in Docker images - How to secure your Docker images

8.5% of Docker images expose API and Private Keys

A new comprehensive study by researchers at RWTH Aachen University in Germany examined over 300,000 Docker images, finding that 8.5% contained API keys and private keys that malicious actors ...

C2 and the Docker Dance: Mythic 3.0’s Marvelous Microservice Moves

— Title by ChatGPT for introducing Mythic 3.0. What is Mythic? Mythic is a plug-n-play command and control (C2) framework that heavily leverages Docker and a microservice architecture where new agents, communication channels, and modifications can ...

New Techniques Attackers Are Using to Harvest Your Secrets

Toyota Motor Corporation recently suffered a data breach due to a mistakenly exposed access key on GitHub. That hardcoded access key evaded detection for five years! This news joined a long line ...

How to Handle Secrets in Jenkins

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools ...

Rezilion Research Discovers Hidden Vulnerabilities in Hundreds of Docker Container Images

BE’ER SHEVA, Israel, (February 23) — Rezilion announced today the release of the company’s new research, “Hiding in Plain Sight: Hidden Vulnerabilities in Popular Open Source Containers,” uncovering the presence of hundreds ...

Report: Hundreds of Vulnerabilities Lurk Undetected in Containers

We’re excited to release an important piece of research today about dangerous vulnerabilities hiding in container images that are commonly used and found in organizations around the world. The report, titled “Hiding ...