Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk has discovered a vulnerability in all versions of Docker Buildkit <=v0.12.4, as used by the Docker engine. The exploitation of this issue can result in container escape to the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e. when using FROM). This issue has been assigned CVE-2024-23651.

Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious image or building an image using a malicious Dockerfile or upstream image (i.e., when using FROM). This issue has been assigned the CVE-2024-21626.

Snyk security researcher Rory McNamara, with the Snyk Security Labs team, identified four vulnerabilities — dubbed "Leaky Vessels" — in core container infrastructure components that allow container escapes. An attacker could use these container escapes to gain unauthorized access to the underlying host operating system from within the container.

One-Time Share is a feature Keeper® Password Manager offers that allows users to securely share passwords and other sensitive data with anyone on a time-limited basis. When using One-Time Share, the recipient does not have to be a Keeper user themselves, making it convenient to securely share sensitive information with anyone. Continue reading to learn more about One-Time Share and the benefits of using this feature when sending sensitive logins and other data.

NXDOMAIN, indicating the non-existence of a queried domain, poses significant challenges within Kubernetes, impacting application functionality, service communication, and overall cluster stability. Investigating NXDOMAIN responses in Kubernetes is vital for sustaining the reliability, performance, and security in a containerized environment.

Planet Home Lending (PHL) is a real estate and homeowner agency that assists consumers in finding and financing lasting homes. PHL has 20 locations, from California to Alabama and Spokane to New Orleans. Citrix Systems, a worldwide technology solutions provider, created one aspect of PHL’s network. In 2023, officials found Citrix to have a destructive vulnerability, which allowed cybercriminals to access the networks of Citrix clients.

Do you know what 23andMe, Jason's Deli, North Face, and Hot Topic have in common? They've all been breached by successful credential stuffing attacks in the last year! An attack type that has gained prominence in recent years is credential stuffing. In this blog, we will explore what credential stuffing is, discuss current approaches to mitigate this type of attack, and their weaknesses. Additionally, we'll share our insights on what needs to be.

Cross-Site Request Forgery (CSRF) remains a continuing threat, exposing user data and application integrity. However, with proactive measures like anti-CSRF tokens and additional defenses, you can protect your applications against CSRF attacks. Let’s delve into the depths of CSRF vulnerabilities and explore practical strategies to boost your web application security.