Podcasts
Research Saturday
Ep 227
Research Saturday 4.9.22
Ep 227 | 4.9.22

The secrets behind Docker.

Show Notes
Transcript

Alon Zahavi from CyberArk, joins Dave Bittner on this episode to discuss CyberArk's work in conjunction with Patch Tuesday. CyberArk published about how Docker inadvertently created a new vulnerability and what happens when it's exploited.

CyberArk's research concluded that an attacker may execute files with capabilities or setuid files in order to escalate its privileges up to root level. CyberArk found the new vuln in some of Microsoft’s Docker images, caused by misuse of Linux capabilities, a powerful additional layer of security that gives admins the ability to assign capabilities and privileges to processes and files in the Linux system

The research can be found here:

Research Saturday
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Saturdays
Creator: CyberWire, Inc.
Research Saturday
ADVERTISEMENT
Sponsored by Kolide
Sponsored by Kolide

Kolide sends employees important, timely, and relevant security recommendations for their Linux, Mac, and Windows devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model. Learn more.

Sponsored by Kasada
Sponsored by Kasada

Kasada provides the most effective and easiest way to defend against advanced persistent bot attacks across web, mobile, and API channels. Learn more.