Tag: container
-
Agentless vs. Agent-Based Asset Discovery: Which One to Choose!
When you’re running on public cloud services like AWS, Azure, or Google Cloud, keeping track of what you actually have out there is easier said than done. The cloud is constantly moving, virtual machines pop up, containers spin down, databases expand, storage buckets appear and disappear. Miss one, and you risk compliance issues or even……
-
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
Tags: advisory, attack, authentication, breach, china, cisco, communications, container, corporate, country, cyber, data, exploit, firmware, flaw, government, group, hacking, infrastructure, intelligence, Internet, ivanti, malware, military, monitoring, network, password, router, service, software, technology, threat, update, vulnerability, zero-dayIvanti, Palo Alto Networks, Cisco flaws exploited: Salt Typhoon has been active since at least 2021, targeting critical infrastructure in telecom, transportation, government, and military bodies around the globe. Notably, a “cluster of activity” has been observed in the UK, according to the country’s National Cyber Security Centre.The group has had “considerable success” with “n-days,”…
-
Your Map for the Cloud Security Maze: An Integrated Cloud Security Solution That’s Part of an Exposure Management Approach
Tags: access, ai, attack, automation, business, ciso, cloud, container, control, cyber, cybersecurity, data, exploit, guide, identity, infrastructure, intelligence, kubernetes, mitigation, risk, strategy, threat, tool, vulnerability, vulnerability-managementCheck out highlights from the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” which explains how CNAPPs help security teams tame the complexity of multi-cloud environments by shifting from a reactive, alert-driven model to a proactive exposure management strategy. Organizations’ rapid expansion into the cloud has created a complex and…
-
Sicherheitslücken durch Fehlkonfigurationen vermeiden Containerisierung
Container-Technologien haben die IT-Landschaft revolutioniert, doch viele Unternehmen unterschätzen die Sicherheitsrisiken. Besonders im öffentlichen Sektor und Finanzwesen können falsche Konfigurationen zu schwerwiegenden Compliance-Verstößen führen. First seen on ap-verlag.de Jump to article: ap-verlag.de/sicherheitsluecken-durch-fehlkonfigurationen-vermeiden-containerisierung/98427/
-
Okta to Purchase Axiom Security to Bolster Privileged Access
Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&A. By acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta’s existing privileged access capabilities. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/okta-to-purchase-axiom-security-to-bolster-privileged-access-a-29303
-
Docker fixes critical Desktop flaw allowing container escapes
Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker Desktop app for Windows and macOS. An attacker can exploit the flaw to potentially escape…
-
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container.The vulnerability, tracked as CVE-2025-9074, carries a CVSS score of 9.3 out of 10.0. It has been addressed in version 4.44.3.”A malicious…
-
Critical Docker Desktop flaw lets attackers hijack Windows hosts
A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/
-
Windows Docker Desktop Vulnerability Allows Full Host Compromise
A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side Request Forgery (SSRF) attack. The flaw, designated CVE-2025-9074, was patched in Docker Desktop version 4.44.3 released in August 2025. CVE Details CVE ID CVE-2025-9074 CVSS Score Critical (Estimated 9.0+) Affected…
-
ASPM buyer’s guide: 7 products to help secure your applications
Tags: access, ai, api, application-security, attack, business, ceo, cloud, compliance, container, crowdstrike, data, detection, endpoint, exploit, gartner, google, guide, iam, identity, infrastructure, ivanti, marketplace, microsoft, monitoring, okta, open-source, oracle, programming, risk, software, supply-chain, threat, tool, vulnerability, vulnerability-managementProtect the software development lifecycle (SDLC) and supply chain pipelinesAutomate software testingIntegrate with various applications to mitigate and remove various risksFeatures offered by ASPMs vary widely. As a result, tools can prove difficult to evaluate in terms of exactly what is being protected, what data and metadata is being collected to inform security judgments, and…
-
5 key takeaways from Black Hat USA 2025
Tags: access, api, attack, authentication, botnet, business, cisco, cloud, container, control, credentials, data, endpoint, exploit, firmware, flaw, framework, Hardware, iam, login, malicious, malware, network, password, programming, rce, remote-code-execution, service, software, technology, tool, update, usa, vulnerability, windowsVaults can be cracked open: Critical vulnerabilities in popular enterprise credential vaults were unveiled by security researchers from Cyata during Black Hat.The flaws in various components of HashiCorp Vault and CyberArk Conjur, responsibly disclosed to the vendors and patched before their disclosure, stemmed from subtle logic flaws in authentication, validation, and policy enforcement mechanisms, as…
-
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Fargate is comparatively safe: Amazon’s design makes the EC2 host, not the container, the security boundary. When multiple tasks with varying IAM roles share the same EC2, the risk of lateral escalation via ECScape increases. AWS did not immediately respond to CSO’s request for comment.Sweet Security has recommended mitigations that include disabling or restricting IMDS…
-
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Fargate is comparatively safe: Amazon’s design makes the EC2 host, not the container, the security boundary. When multiple tasks with varying IAM roles share the same EC2, the risk of lateral escalation via ECScape increases. AWS did not immediately respond to CSO’s request for comment.Sweet Security has recommended mitigations that include disabling or restricting IMDS…
-
Amazon ECS Internal Protocol Exploited to Steal AWS Credentials from Other Tasks
Security researchers have disclosed a critical vulnerability in Amazon Elastic Container Service (ECS) that allows malicious containers to steal AWS credentials from other tasks running on the same EC2 instance. The attack, dubbed >>ECScape,
-
What is a CISO? The top IT security leader role explained
Tags: access, authentication, breach, business, ceo, cio, cisa, ciso, compliance, computer, container, control, corporate, credentials, cyber, cybersecurity, data, ddos, defense, dns, encryption, exploit, finance, firewall, framework, fraud, guide, Hardware, healthcare, infosec, infrastructure, intelligence, international, jobs, kubernetes, mitigation, msp, mssp, network, nist, programming, RedTeam, regulation, risk, risk-management, security-incident, service, skills, software, strategy, technology, threat, training, vpn, zero-day, zero-trust. You’ll often hear people say the difference between the two is that CISOs focus entirely on information security issues, while a CSOs remit is wider, also taking in physical security as well as risk management.But reality is messier. Many companies, especially smaller ones, have only one C-level security officer, called a CSO, with IT…
-
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking
A software developer discovered a way to abuse an undocumented protocol in Amazon’s Elastic Container Service to escalate privileges, cross boundaries and gain access to other cloud resources. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/privilege-escalation-amazon-ecs-iam-hijacking
-
PCI 4.0-Konformität sicherstellen durch File-Integrity-Monitoring für Container
Der zunehmende Einsatz von Containern hat die moderne Infrastruktur revolutioniert und ermöglicht schnellere Innovationen und eine größere Skalierbarkeit. Diese Transformation bringt jedoch auch eine neue Welle von Compliance-Herausforderungen mit sich. PCI-DSS 4.0 führt strengere Anforderungen für das Schwachstellenmanagement und das File-Integrity-Monitoring (FIM) in dynamischen Umgebungen wie Kubernetes und containerisierten Workloads ein. Für viele Sicherheits- und…
-
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment.The attack technique has been codenamed ECScape by Sweet Security researcher Naor Haziz, who presented the findings today at the…
-
What Identity Federation Means for Workloads in Cloud-Native Environments
7 min readManaging identity across cloud providers used to be a human problem think SSO portals and workforce identity sync. However, as infrastructure becomes more automated, the real fragmentation now resides between workloads: CI/CD pipelines authenticating to SaaS tools, containers accessing APIs, and jobs calling into services across clouds. Each environment has its identity system,…
-
The AI Security Dilemma: Navigating the High-Stakes World of Cloud AI
Tags: access, ai, attack, cloud, container, control, credentials, cve, data, data-breach, flaw, google, identity, infrastructure, intelligence, least-privilege, microsoft, risk, service, software, tool, training, vulnerability, vulnerability-managementAI presents an incredible opportunity for organizations even as it expands the attack surface in new and complex ways. For security leaders, the goal isn’t to stop AI adoption but to enable it securely. Artificial Intelligence is no longer on the horizon; it’s here, and it’s being built and deployed in the cloud at a…
-
Minimal, Hardened, and Updated Daily: The New Standard for Secure Containers
Chainguard provides DevSecOps teams with a library of secure-by-default container images so that they don’t have to worry about software supply chain vulnerabilities. The startup is expanding its focus to include Java and Linux, as well. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/minimal-hardened-updated-daily-new-standard-secure-containers
-
CISA releases Thorium, an open-source, scalable platform for malware analysis
Tags: access, ceo, cio, cisa, compliance, container, control, cyber, cybersecurity, data, docker, framework, github, governance, incident response, kubernetes, malware, open-source, privacy, risk, skills, toolRethinking malware analysis at scale: Enterprise-grade malware analysis tools and platforms have been widely used in the security community. But many of them require paid licenses, lack orchestration at scale, or are difficult to integrate with enterprise workflows. Experts view Thorium as a significant democratization of advanced malware analysis technology.”It is a big deal as…
-
Kali Linux can now run in Apple containers on macOS systems
Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple’s new containerization framework. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kali-linux-can-now-run-in-apple-containers-on-macos-systems/