Doomsday Docker security hole uncovered

STEVEN J. VAUGHAN-NICHOLS | February 11, 2019

article image
One of the great security fears about containers is that an attacker could infect a container with a malicious program, which could escape and attack the host system. Well, we now have a security hole that could be used by such an attack: RunC container breakout, CVE-2019-5736. RunC is the underlying container runtime for Docker, Kubernetes, and other container-dependent programs. It's an open-source command-line tool for spawning and running containers. Docker originally created it. Today, it's an Open Container Initiative (OCI) specification. It's widely used. Chance are, if you're using containers, you're running them on runC.According to Aleksa Sarai, a SUSE container senior software engineer and a runC maintainer, security researchers Adam Iwaniuk and Borys Popławski discovered a vulnerability, which "allows a malicious container to (with minimal user interaction) overwrite the host runc binary and thus gain root-level code execution on the host. The level of user interaction is being able.

Spotlight

Secret Double Octopus

Secret Double Octopus offers the world’s only keyless multi-shield authentication technology for users and things. Based on high resilience algorithms, originally developed to protect nuclear launch codes, Secret Double Octopus’ technology deprives cyber attackers from sufficient information for attacks, eliminating identity theft, SMS hijacking, man-in-the-middle, PKI manipulation, key theft, brute force and certificate authority weaknesses. This unprecedented level of security is coupled with an seamless user experience.

OTHER ARTICLES

Virtualization Can Help Substantially Reduce Computing Costs

Article | August 9, 2021

Businesses use a lot of technology to keep themselves competitive and Businesses use a lot of technology to keep themselves competitive and operationally efficient. One way that organizations use to make their technology infrastructure more accessible is through the use of virtualization. Let’s discuss what virtualization is, how it benefits businesses, and some examples of how you might consider leveraging virtualization to your company’s benefit. Virtualization for Hardware and Software Virtualization in its most basic sense is taking something and making it virtual. In regards to hardware and software, it involves taking these parts of your technology infrastructure and making them available in a virtual environment. Virtual applications and hardware solutions can be deployed to the cloud so that they can be accessed by any online device. Some examples of virtualization might include creating virtual machines, like workstations and server units, that are hosted in a virtual environment for as-needed access

Read More

How to automate the creation multiple routable VLANs on single L2 network using VyOS

Article | February 12, 2020

My personal homelab has a very simple network topology, everything is connected to a single flat network. This has served me well over the years, but sometimes it can prevent me from deploying more complex scenarios. Most recently while working with NSX-T and Project Pacific, I had a need for additional VLANs which my home router does not support. There are a number of software solutions that can be used including the popular pfSense, which I have used before. Over the Winter break, a colleague introduced me to VyOS, which is another popular software firewall and router solution. I had not heard of VyOS before but later realized it was derived from Vyatta, which I had heard of, but development of that solution had stopped and VyOS is now the open source version of that software. Having never played with VyoS before, I thought this might be a good learning opopournity and started to dabble with VyOS over the holiday.

Read More

Virtualizing Broadband Networks: Q&A with Tom Cloonan and David Grubb

Article | June 11, 2020

The future of broadband networks is fast, pervasive, reliable, and increasingly, virtual. Dell’Oro predicts that virtual CMTS/CCAP revenue will grow from $90 million in 2019 to $418 million worldwide in 2024. While network virtualization is still in its earliest stages of deployment, many operators have begun building their strategy for virtualizing one or more components of their broadband networks.

Read More

Discovering SCVMM and Its Features

Article | May 26, 2021

System Center Virtual Machine Manager (SCVMM) is a management tool for Microsoft’s Hyper-V virtualization platform. It is part of Microsoft’s System Center product suite, which also includes Configuration Manager and Operations Manager, among other tools. SCVMM provides a single pane of glass for managing your on-premises and cloud-based Hyper-V infrastructures, and it’s a more capable alternative to Windows Server tools built for the same purpose.

Read More

Spotlight

Secret Double Octopus

Secret Double Octopus offers the world’s only keyless multi-shield authentication technology for users and things. Based on high resilience algorithms, originally developed to protect nuclear launch codes, Secret Double Octopus’ technology deprives cyber attackers from sufficient information for attacks, eliminating identity theft, SMS hijacking, man-in-the-middle, PKI manipulation, key theft, brute force and certificate authority weaknesses. This unprecedented level of security is coupled with an seamless user experience.

Events