23. June 2021

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

Aqua Security announced on Monday that information gathered from container honeypots over a six-month period indicated that 50% of misconfigured Docker APIs are attacked within 56 minutes of being set up. 

According to the study, it takes the opponents’ bots an average of five hours to scan a new honeypot. The quickest scan took only a few minutes, while the longest scan took 24 hours. This revelation, according to Assaf Morag, a principal data analyst with Aqua’s Team Nautilus, emphasizes the need of discovering and resolving cloud misconfigurations quickly or preventing them from occurring before app deployment. 

Security professionals, according to Morag, must be aware that even the smallest misconfiguration could expose their containers and Kubernetes clusters to a cyberattack. 

“The threat landscape has morphed as malicious adversaries extend their arsenals with new and advanced techniques to avoid detection,” stated Morag. 

“Although cryptocurrency mining is still the lowest hanging fruit and thus more targeted, we have seen more attacks that involve the delivery of malware, establishing of backdoors, and data and credentials theft. Focusing on misconfigurations is important, but companies also need a more holistic approach that includes a focus on supply chain attacks.” 

The findings of this paper were incorporated into the MITRE ATT&CK Container Framework’s development. Container security has been on MITRE’s radar for a while, but it was

[…]

Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: 50% of Misconfigured Containers Hit by Botnets in an Hour