%term

Detecting 'Leaky Vessels' Exploitation in Docker and Kubernetes

Feb 1, 2024 By Michael Clark In Sysdig

On January 31st 2024, Snyk announced the discovery of four vulnerabilities in Kubernetes and Docker. For Kubernetes, the vulnerabilities are specific to the runc CRI. Successful exploitation allows an attacker to escape the container and gain access to the host operating system. To exploit these vulnerabilities, an attacker will need to control the Dockerfile when the containers are built.

Read Post

Sysdig

Read more about Detecting 'Leaky Vessels' Exploitation in Docker and Kubernetes

Nucleus Product Update 4.1

Feb 1, 2024 By Sonia Blanks In Nucleus

Welcome to the Nucleus Product Update 4.1. It’s a new year with new things to get excited about together. Here’s to making 2024 a great one! 🥳 This update outlines lots of Nucleus happenings you don’t want to miss, including: We’re also including a link to our latest webinars, which are value-packed sessions you don’t want to miss. Get the details for all updates below.

Read Post

Nucleus

Read more about Nucleus Product Update 4.1

CSRF Attacks: Risk Analysis, Protection, and Anti-CSRF Tokens

Jan 31, 2024 By Vinugayathri Chinnasamy In Indusface

Cross-Site Request Forgery (CSRF) remains a continuing threat, exposing user data and application integrity. However, with proactive measures like anti-CSRF tokens and additional defenses, you can protect your applications against CSRF attacks. Let’s delve into the depths of CSRF vulnerabilities and explore practical strategies to boost your web application security.

Read Post

Indusface

Read more about CSRF Attacks: Risk Analysis, Protection, and Anti-CSRF Tokens

Security Insights: Jenkins CVE-2024-23897 RCE

Jan 31, 2024 By Michael Haag In Splunk

The recent identification of CVE-2024-23897 in Jenkins versions up to 2.441 has significantly heightened concerns within the cybersecurity community, particularly focusing on the implications for public-facing Jenkins servers. Jenkins servers are important for many organizations as they are used in continuous integration/continuous deployment (CI/CD) pipelines, automating stages of software development and deployment.

Read Post

Splunk

Read more about Security Insights: Jenkins CVE-2024-23897 RCE

How to Automate and Streamline Vulnerability Management Processes

Jan 31, 2024 By Nucleus In Nucleus

Scott Kuffer, COO and co-founder of Nucleus Security, and Sonia Blanks, Director of Product Marketing of Nucleus Security, discuss the role of automation in vulnerability management. They emphasize the importance of looking beyond individual parts of the process and instead focusing on automating the entire ecosystem. Scott shares insights on how to streamline the vulnerability management process, including the need for thorough preparation and defining desired outcomes.

View Video

Nucleus

Read more about How to Automate and Streamline Vulnerability Management Processes

TLS 1.0 and SSL Vulnerabilities: What You Need to Know

Jan 31, 2024 By Keren Pollack In CalCom

The PCI Security Standards Council requires all payment processors and merchants to move to TLS 1.2 and above. Organizations that don’t follow this standard do not meet PCI DSS.

Read Post

CalCom

Read more about TLS 1.0 and SSL Vulnerabilities: What You Need to Know

Why the future of AppSec is ASPM from Snyk AppRisk

Jan 31, 2024 By Snyk In Snyk

Applications are getting bigger and more complex. With sprawling software supply chains, distributed developers, AI-enhanced productivity, and more technology, deployment, and cloud options than ever securing applications is harder than ever. To enable fast and secure development in this new reality, AppSec needs a comprehensive, proactive approach — one that helps address what matters most to reduce risk. They need to implement ASPM to shift the AppSec paradigm.

View Video

Snyk

Read more about Why the future of AppSec is ASPM from Snyk AppRisk

Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)

Jan 31, 2024 By Rory McNamara In Snyk

Snyk has discovered a vulnerability in all versions of Docker Buildkit <= v0.12.4, as used by the Docker engine. The exploitation of this issue can result in container escape to the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e, when using FROM). This issue has been assigned CVE-2024-23653.

Read Post

Snyk

Read more about Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)

Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)

Jan 31, 2024 By Rory McNamara In Snyk

Snyk has discovered a vulnerability in all versions of Docker Buildkit <=v0.12.4, as used by the Docker engine. Exploitation of this issue can result in arbitrary file and directory deletion in the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e, when using FROM). This issue has been assigned CVE-2024-23652.

Read Post

Snyk

Read more about Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)

Buildkit mount cache race: Build-time race condition container breakout (CVE-2024-23651)

Jan 31, 2024 By Rory McNamara In Snyk

Snyk has discovered a vulnerability in all versions of Docker Buildkit <=v0.12.4, as used by the Docker engine. The exploitation of this issue can result in container escape to the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e. when using FROM). This issue has been assigned CVE-2024-23651.

Read Post