Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Attacking Containers and runC - Trend Micro & Deep Security

Istock-1070496134-1024x682

This week a new vulnerability was published (CVE-2019-5736) that highlights everything bad and good about containers. Simply put, this vulnerability can be exploited using an infected container to attack the host. It’s a real world example of a breakout attack that has long been a major concern in virtualized and container environment.

Here, the attack highlights the biggest security weakness of containers: they are loosely isolated sharing the same host operating system. This is in stark contrast to virtual machines which are isolated instances of a complete operating system.

CVE-2019-5736

The vulnerability itself can be exploited by an attacker using a custom container or by gaining write access to an existing container. They then can manipulate the symbolic process link (/proc/self/exe/) in order to overwrite the runC library. runC is portable, lightweight container runtime. It’s a critical piece of container infrastructure.

In this attack, once runC is overwritten and...(continued)

View All Trending Stories