ubuntu into Nexus Repo

Nexus Repository Now Supports APT

Beginning with version 3.17, Nexus Repository Manager supports APT (Advanced Package Tool) repositories. APT is a set of tools used to search, install, and manage packages on Debian, Ubuntu, and similar Linux ...
Go Behind the Scenes of a Docker Cryptojacking Attack

Go Behind the Scenes of a Docker Cryptojacking Attack

When Threat Stack security analyst Ethan Hansen saw an alert in a customer’s environment that read /temp [RANDOM] cnrig, he knew his afternoon was about to get interesting. As part of his ...
Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers ...
Microsoft Fixes 50 Flaws

Container Escape Vulnerability Puts Cloud Infrastructure at Risk

A serious vulnerability in runC, a tool used to spawn and run Linux containers, allows attackers to break out of containerized environments and gain full access to the underlying servers. RunC is ...
Security Boulevard

High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts

Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems. Further research has discovered that ...

In the Event of “Shutdown, Part 2,” Trust Your Instruments

| | Cloud, Docker, Federal, government
There is a principle long held by pilots that says as follows: “You have to trust your instruments.” This principle can be applied to organizations seeking to ensure the security of cloud ...
21 Developers & Docker Experts Reveal the Biggest Mistakes People Make When Switching to Docker Containers

21 Developers & Docker Experts Reveal the Biggest Mistakes People Make When Switching to Docker Containers

Containerized environments are increasingly popular, and Docker remains the most popular container solution for developers. But the process of moving from virtual machines to containers is complex. If you’re just getting started ...

Abusing Docker API | Socket

| | devoops, DEVOPS, Docker, Hacking, pentesting
Notes on abusing open Docker socketsThis wont cover breaking out of docker containersPorts: usually 2375 & 2376 but can be anythingRefs:https://blog.sourcerer.io/a-crash-course-on-docker-learn-to-swim-with-the-big-fish-6ff25e8958b0https://www.slideshare.net/BorgHan/hacking-docker-the-easy-wayhttps://blog.secureideas.com/2018/05/escaping-the-whale-things-you-probably-shouldnt-do-with-docker-part-1.htmlhttps://blog.secureideas.com/2018/08/escaping-the-whale-things-you-probably-shouldnt-do-with-docker-part-2.htmlhttps://infoslack.com/devops/exploring-docker-remote-apihttps://www.blackhat.com/docs/us-17/thursday/us-17-Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence_wp.pdfhttps://raesene.github.io/blog/2016/03/06/The-Dangers-Of-Docker.sock/https://cert.litnet.lt/2016/11/owning-system-through-an-exposed-docker-engine/https://medium.com/@riccardo.ancarani94/attacking-docker-exposed-api-3e01ffc3c124https://www.exploit-db.com/exploits/42356https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/docker_daemon_tcp.rbhttp://blog.nibblesec.org/2014/09/abusing-dockers-remote-apis.htmlhttps://www.prodefence.org/knock-knock-docker-will-you-let-me-in-open-api-abuse-in-docker-containers/https://blog.ropnop.com/plundering-docker-images/Enable docker socket (Create practice locations)https://success.docker.com/article/how-do-i-enable-the-remote-api-for-dockerdHaving the docker API | socket exposed ...
Docker Part 1: Getting Started in Docker for the sysadmin who doesnt know what the hell that is

Using Docker To Install OpenVAS On CentOS

An interesting post from Gerry Williams at gerrywilliams.net Description: Saw a post on r/sysadmin the other day with a walkthrough on using Docker for the first time. Thought I would take some ...

OpenVAS image for Docker on Ubuntu

| | Cloud Security, Docker, OpenVAS
A Docker container for OpenVAS on Ubuntu. By default, the latest images includes the OpenVAS Base as well as the NVTs and Certs required to run OpenVAS [...] ...
Loading...