Unit 42 CTR: Leaked Code from Docker Registries

Unit 42's Cloud Threat Report shows how unsecured Docker registries can leak confidential data and lead to full compromise and interruption of business operations.


@unit42.paloaltonetworks.com | 14 days ago

What I Learned from Reverse Engineering Windows Containers

Our researcher provides an overview of containers - starting with their Linux history - and shows the different implementations of containers in Windows, how they work, the security pitfalls that may occur, as well as the internal implementation of objects that are necessary for …


@unit42.paloaltonetworks.com | 2 months ago

Docker Patched the Most Severe Copy Vulnerability to Date CVE-2019-14271

Unit 42 researchers share details on a severe Docker container breakout vulnerability and outline a proof-of-concept that demonstrates how it can be exploited if a container has been compromised by a previous attack.


@unit42.paloaltonetworks.com | 3 months ago

CryptoJacking Worm Found on Docker Hub

Unit 42 has discovered a new cryptojacking worm, which we’ve named Graboid, that has spread to more than 2,000 unsecured Docker hosts.


@unit42.paloaltonetworks.com | 4 months ago

Critical Privilege Escalation Vulnerability in Harbor (CVE-2019-16097)

Aviv Sasson, a security researcher from the cloud division of Unit 42, has identified a critical vulnerability in a widespread cloud native registry called Harbor. The vulnerability allows attackers to take over Harbor registries by sending them a malicious request. The maintaine …


@unit42.paloaltonetworks.com | 5 months ago

Making Containers More Isolated: An Overview of Sandboxed Container Technologies

Currently available container-based infrastructure has limitations because containers are not truly sandboxed and share the host OS kernel. The root of the problem is the weak separation between containers when the host OS creates a virtualized userland for each container. This b …


@unit42.paloaltonetworks.com | 8 months ago

Mac Malware Steals Cryptocurrency Exchanges’ Cookies

Palo Alto Networks’ Unit 42 recently discovered malware that we believe has been developed from OSX.DarthMiner, a malware known to target the Mac platform. This malware is capable of stealing browser cookies associated with mainstream cryptocurrency exchanges and wallet service we …


@unit42.paloaltonetworks.com | 1 year ago