A new high-severity glibc flaw (CVE-2023-6246) affecting major Linux distros like Debian, Ubuntu, and Fedora has been discovered, granting attackers root access. Additionally, new vulnerabilities in runC, a critical container management tool, allow attackers to escape containers and potentially gain root access to the host system. Furthermore, a new malware, HeadCrab 2.0, is turning Redis servers into a botnet for illegal cryptocurrency mining. Docker users are warned about a cryptojacking campaign called 'Commando Cat' exploiting exposed APIs. The FritzFrog botnet returns, using Log4Shell and PwnKit to exploit unpatched internal systems, employing new tactics to evade detection. The widespread adoption of containerization technologies poses significant risks to data integrity, confidentiality, and system stability.
We've patched our systems to address the recently disclosed container breakout vulnerabilities called Leaky Vessels. More on our blog: https://t.co/C1ZlNVMmmr
We've patched our systems to address the recently disclosed container breakout vulnerabilities called Leaky Vessels (CVE-2024-21626). More on our blog: https://t.co/C1ZlNVMmmr
Leaky Vessels Vulnerability Sinks Container Security https://t.co/mX9bMwLUxz @joab_jackson #LeakyVessels #vulnerability #ContainerSecurity
βWith the widespread adoption of containerization technologies in both development and production environments, such exploits pose significant risks to data integrity, confidentiality, and system stabilityβ-- @RedHat https://t.co/QYx79FGMjj #LeakyVessels #Docker #Kubernetes
π¨ FritzFrog botnet returns, using Log4Shell, memory-resident payloads, and PwnKit to exploit unpatched INTERNAL systems. Employing new tactics to stay hidden and evade detection. Learn more about FritzFrog β https://t.co/9S3p76tGaR #hacking #cybersecurity #technews
Alert, Docker users! A cryptojacking campaign called "Commando Cat" is exploiting exposed APIs. Secure your instances now. Learn more β https://t.co/wp2YpiplUU #crytocurrency #cybersecurity #hacking #linux
Sysadmins, beware! New HeadCrab 2.0 #malware is using fileless techniques to turn Redis servers into a botnet for illegal #cryptocurrency mining. Details here β https://t.co/98lDV1mzXs #cybersecurity #hacking
'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally: https://t.co/YD9FEWYiHV by darkreading #infosec #cybersecurity #technology #news
A new container escape vulnerability just dropped. It gives an attacker the ability to hop from container to host OS via runc. https://t.co/6dqR0Lig9t
RunC Flaws Enable Container Escapes, Granting Attackers Host Access: https://t.co/SJQoz6nwbT by The Hacker News #infosec #cybersecurity #technology #news
π₯ Leaky Vessels: Patch your containers ASAP! New vulnerabilities found in runC, a critical container management tool, allow attackers to escape containers, access sensitive data, and potentially gain root access to the host system. Details: https://t.co/tlY2mCgaZM #infosec
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware: https://t.co/ymVQrAXOL4 by The Hacker News #infosec #cybersecurity #technology #news
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros: https://t.co/2rSYBPmmQz by The Hacker News #infosec #cybersecurity #technology #news
π¨ A new glibc flaw (CVE-2023-6246) gives attackers root access on #Linux. This high-severity #vulnerability impacts major distros like Debian, Ubuntu, and Fedora. Don't wait, update your systems! Find details here β https://t.co/GDpfhY1EFw #cybersecurity #hacking