- May 14, 2019The rise in adoption of containers means a greater need for security awareness. Our infographic details the various threats that container users could encounter at each stage of the development pipeline.
- May 10, 2019Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2.153 and earlier.
- April 30, 2019In an email sent to their customers on April 26, Docker reported that the online repository of their popular container platform suffered a data breach that affected 190,000 users.
- April 04, 2019A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.
- March 19, 2019Cybercriminals are targeting cloud infrastructure via compromised container management platforms, malicious Docker images, API key theft, and control panel exploitation.
- March 12, 2019Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.
- February 28, 2019CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.
- November 28, 2018DevOps entails pivotal shifts. Among them is the way monitoring and auditing are carried out. As requirements and technologies for developing, vetting, and deploying applications change, the requisites for monitoring and auditing also change.
- September 03, 2018A hacking campaign was uncovered that has so far affected more than 7,339 websites running on the Magento e-commerce platform. The attacks involve injecting MagentoCore, a malicious payment card data-stealing script, into the affected websites.