Click For Photo: https://regmedia.co.uk/2017/04/19/hotel_shutterstock.jpg
Roundup Here's a quick summary of news in the world of information security beyond everything we've already covered.
Last week was not a great week for the Docker security team, first with the revelation of a race condition flaw, then with a warning from Trend Micro of active attacks against Docker installations.
Infosec - House - Number - Docker - Containers
The infosec house said it spotted a number of infected Docker containers running Monero mining scripts. The malware probes running containers to check for open APIs and, if exposed, then uses the API to install a Monero mining script on the container, which then run a Shodan.io search to look for further containers to infect.
This does not appear to be a one-off attack, either, as Trend senior threat researcher Alfredo Oliveira believes more Docker containers will be targeted in the future.
Adoption - Containers - Increase - Threats - Technology
"The increased adoption of containers has also led to an increase in threats that target the technology. These threats are often successful, not only due to the exploitation of flaws and vulnerabilities in the container software but also due to misconfiguration, which remains a constant challenge for organizations," Oliveira said.
"In this case, the hosts that have exposed APIs are not just victims of cryptocurrency-mining operations — they also contribute further to the distribution of the infected containers."
Bad - News - Anyone - NGINginxNX - Server
Bad news for anyone running an NGINginxNX server (so around 30 per cent of the websites on the planet): make sure your installation is up to date, and stays up to date.
Alisa Esage (via the Trend ZDI) has privately reported at least one remote code execution flaw in Nginx that will definitely warrant an immediate patch when available. While Nginx claims the two bugs she found and disclosed can't be easily exploited in the wild, Esage is not so sure.
Bugs - Array - Overflow - Version - Integer
One of the bugs, an array overflow, was addressed in version 0.3.2, and an integer...
Wake Up To Breaking News!