Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

sysdig

Cybersecurity in the Age of Regulation

Feb 5, 2024 By Karen Walker In Sysdig
Cybersecurity breaches are becoming more frequent and more impactful. Adversaries continue to grow stronger, and defenders aren’t always keeping pace. Add in the increasing number of nation-state actors in the threat landscape, and it’s hardly surprising that governments are starting to take a greater role in regulating security. On July 26th, 2023, the U.S.
Read Post

Cybersecurity in the Age of Regulation - Sysdig

Feb 5, 2024 By Sysdig In Sysdig
Cybersecurity breaches are becoming more frequent and more impactful. Adversaries continue to grow stronger, and defenders aren’t always keeping pace. On July 26th, 2023, the U.S. Securities and Exchange Commission issued new regulations on cybersecurity risk management, strategy, governance, and incident disclosure, leaving many companies concerned about how to ensure compliance with these new rules, and what changes they may need to make to get up to speed.
View Video
sysdig

Kernel Introspection from Linux to Windows

Feb 2, 2024 By Nigel Douglas In Sysdig
The cybersecurity landscape is undergoing a significant shift, moving from security tools monitoring applications running within userspace to advanced, real-time approaches that monitor system activity directly and safely within the kernel by using eBPF. This evolution in kernel introspection is particularly evident in the adoption of projects like Falco, Tetragon, and Tracee in Linux environments.
Read Post
tigera

Leveraging Recommended Metrics for Calico to optimize and secure Kubernetes application operations

Feb 2, 2024 By Leon Barron In Tigera
In the ever-evolving landscape of Kubernetes networking and security, Calico has proven to be a battle-hardened, scalable and robust solution. Core to Calico’s architecture are two components, Felix and Typha. And given their importance for running Kubernetes deployment, it is no surprise that monitoring these components is crucial to secure and maintain them for optimal cluster operation.
Read Post
sysdig

Detecting 'Leaky Vessels' Exploitation in Docker and Kubernetes

Feb 1, 2024 By Michael Clark In Sysdig
On January 31st 2024, Snyk announced the discovery of four vulnerabilities in Kubernetes and Docker. For Kubernetes, the vulnerabilities are specific to the runc CRI. Successful exploitation allows an attacker to escape the container and gain access to the host operating system. To exploit these vulnerabilities, an attacker will need to control the Dockerfile when the containers are built.
Read Post
sysdig

Sysdig Identifies a Cloud-Native Security Crossroads: Best Practices vs. Convenience and Speed

Jan 31, 2024 By Crystal Morin In Sysdig
Sysdig’s seventh annual Cloud-Native Security and Usage Report identifies how customers are developing, using, and securing cloud-native applications and environments. We analyze data from millions of containers and thousands of accounts and publish the most pertinent information for you. Security practitioners and leaders look forward to this report to identify trends and make adjustments to their cloud security strategy.
Read Post
Snyk

Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)

Jan 31, 2024 By Rory McNamara In Snyk
Snyk has discovered a vulnerability in all versions of Docker Buildkit <=v0.12.4, as used by the Docker engine. Exploitation of this issue can result in arbitrary file and directory deletion in the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e, when using FROM). This issue has been assigned CVE-2024-23652.
Read Post
Snyk

Buildkit mount cache race: Build-time race condition container breakout (CVE-2024-23651)

Jan 31, 2024 By Rory McNamara In Snyk
Snyk has discovered a vulnerability in all versions of Docker Buildkit <=v0.12.4, as used by the Docker engine. The exploitation of this issue can result in container escape to the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e. when using FROM). This issue has been assigned CVE-2024-23651.
Read Post
Snyk

Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)

Jan 31, 2024 By Rory McNamara In Snyk
Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious image or building an image using a malicious Dockerfile or upstream image (i.e., when using FROM). This issue has been assigned the CVE-2024-21626.
Read Post
Snyk

Leaky Vessels: Docker and runc container breakout vulnerabilities (January 2024)

Jan 31, 2024 By Jamie Smith In Snyk
Snyk security researcher Rory McNamara, with the Snyk Security Labs team, identified four vulnerabilities — dubbed "Leaky Vessels" — in core container infrastructure components that allow container escapes. An attacker could use these container escapes to gain unauthorized access to the underlying host operating system from within the container.
Read Post
Subscribe to Containers

Copyright © 2024 OpsMatters™. All rights reserved.