The rise in adoption of containers means a greater need for security awareness. Our infographic details the various threats that container users could encounter at each stage of the development pipeline.
Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2.153 and earlier.
A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.
DevOps entails pivotal shifts. Among them is the way monitoring and auditing are carried out. As requirements and technologies for developing, vetting, and deploying applications change, the requisites for monitoring and auditing also change.
A hacking campaign was uncovered that has so far affected more than 7,339 websites running on the Magento e-commerce platform. The attacks involve injecting MagentoCore, a malicious payment card data-stealing script, into the affected websites.