News

ZDNet5y
A hacking group is hijacking Docker systems with exposed API endpoints
A hacking group is currently mass-scanning the internet looking for Docker platforms that have API endpoints exposed ... host for rConfig configuration files, which it encrypts and steals, sending ...
TechRadar8mon
Docker API targeted by cryptojacking campaign looking to build mega botnet
Then, they used the Docker API to spawn an Alpine container, and mount the underlying host’s file system inside the container. The next step is to execute a shell command to pull an ...
CSOonline1y
Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent
A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS ...
Threat Post3y
Cryptomining Attack Exploits Docker API Misconfiguration Since 2019
Campaign exploits misconfigured Docker APIs to gain network entry and ... which grants unlimited privileges to run any command sudoers file. This controls how sudo works on a targeted machine ...
TechRepublic1y
How to Create and Use a Docker Secret From a File (+Video)
How to Create and Use a Docker Secret From a File (+Video) Your email has been sent In this step-by-step tutorial, learn how to create and use a Docker secret to help keep your data secure.
ZDNet4y
Botnets have been silently mass-scanning the internet for unsecured ENV files
Frameworks like Docker, Node.js, Symfony, and Django use ENV files to store environment variables, such as API tokens, passwords, and database logins. Due to the nature of the data they hold ...
Visual Studio Magazine9y
Docker Compose Files Can Be Edited Via Visual Studio Code
At DockerCon, a demo during a keynote shows Visual Studio Code capable of editing of Docker ... of a file, but by reaching out to some other data source." In this case, when IntelliSense encounters an ...