CVE-2019-16928, a vulnerability involving the message transfer agent Exim, could result in threat actors being able to launch denial-of-service (DoS) or remote code execution (RCE) attacks.
The complexity of container infrastructure, if not properly accounted for, can pose serious security risks. To minimize risks when building in containers, we came up with six steps that developers can follow.
In a survey commissioned by Trend Micro, majority of the respondents shared their concern for the risks in implementing DevOps. Learn why consulting IT security teams in the initiatives can help bridge gaps between production and security.
Threat actors are targeting Linux servers with vulnerable software, namely the project management tool Jira and the message transfer agent Exim, using a variant of the Watchbog trojan, which drops a Monero miner to expand their botnet.
Two vulnerabilities, assigned CVE-2019-9629 and CVE-2019-9630, were uncovered in Sonatype’s Nexus Repository Manager (NXRM) — an open-source governance platform used by DevOps professionals.
Kubernetes announced the discovery of CVE-2019-11246, a high-severity vulnerability affecting the command-line interface kubectl, during an ongoing third-party security audit.
Roughly 19% of the top 1,000 most popular containers on the Docker Hub portal are misconfigured, leaving them vulnerable to attacks given specific conditions.
The rise in adoption of containers means a greater need for security awareness. Our infographic details the various threats that container users could encounter at each stage of the development pipeline.