Dark Reading

TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls

An apparent operational security slip-up by a member of the TeamTNT threat group has exposed some of the tactics it's using to exploit poorly configured Docker servers. Security researchers from Trend ...
Bleeping Computer

Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware

Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building ...
CSOonline

Docker malware breaks in through exposed APIs, then changes the locks

The new variant of Docker-targeting malware skips cryptomining in favor of persistence, backdoors, and even blocking rivals from accessing exposed APIs. A newly discovered strain of a cryptomining ...
Bleeping Computer

Exposed Docker APIs Continue to Be Used for Cryptojacking

Exposed Docker APIs continue to be used by attackers to create new containers that perform cryptojacking. Earlier this year we reported on attackers utilizing insecure Docker and Kubernetes systems to ...
CSOonline

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet ...
XDA Developers on MSN

I built my entire developer workflow around these Docker containers, and I’m not going back

The backbone of my setup.