The fact that cloud native and container exploits are becoming more attractive targets for attackers as they grow in popularity is obvious. But as of late, some gaping security holes in both platforms have sparked even greater causes for concern.
To wit, a security hole was recently revealed — with a sure-fire fix lacking at the time when this article was posted — that detailed how an attacker can gain root access to Docker container hosts. The vulnerability, similar in scope to an symlink-race attack, a SUSE security researcher revealed how the present vulnerability is applicable to any host associated with a Docker engine.
Earlier this year, a Docker runtime exploit was revealed that exposed vulnerabilities in Docker, Kubernetes' and Docker’s runC.
It is always an easy bet to make that other Docker and cloud native vulnerabilities exist that have not yet been publicly revealed. And, needless to say, most attackers anyway are looking for easier doors to open — or, more accurately, doors opened for them — by running very easy-to-run password exploits.
Watch on YouTube: https://www.youtube.com/watch?v=KJG7dJdu5U8