WinNTi League of Legends infected with PlugX ShadowPad PetyaWrap Juniper Networks finds unauthorized code in their products Operation WilySupply Kingslayer Handbrake contains Proton RAT Transmission infected again with OSX/Keydnap Transmission infected with KeRanger CCleaner contains trojan 2009 ExpressLane
WinNTi League of Legends infected with PlugX ShadowPad PetyaWrap Juniper Networks finds unauthorized code in their products Operation WilySupply Kingslayer Handbrake contains Proton RAT Transmission infected again with OSX/Keydnap Transmission infected with KeRanger CCleaner contains trojan 2009 ExpressLane
Juniper Networks finds unauthorized code in their products Operation WilySupply Kingslayer Handbrake contains Proton RAT Transmission infected again with OSX/Keydnap Transmission infected with KeRanger CCleaner contains trojan Developers Distribution Center
•Utilize registry API to confirm auth status: •Profit Docker-Distribution-Api-Version: HTTP GET request to /v2/: if HTTP status == 200: print “R/W access”
•Utilize registry API to confirm auth status: •Profit More profit: scan with zmap for common registry ports, repeat the API procedures on the results Docker-Distribution-Api-Version: HTTP GET request to /v2/: if HTTP status == 200: print “R/W access”
to 60% of the found registries § Read access to a further 30% § Only 10% securely configured § 45% of those found owned by big companies we didn’t even scan the whole internet!
that was developed in order to find authentication problems in a containerized environments (and more) •Modular Pluggable design •Written in Python •Can be deployed as a container •Will come with 3 plugins: mongoDB, Redis, and Docker Registry
COMMAND Manage trust on Docker images (experimental) Options: --help Print usage Commands: revoke Remove trust for an image sign Sign an image view Display detailed information about keys and signatures Run 'docker trust COMMAND --help' for more information on a command.