By Andson Tung We have seen a lot of reports on how the Linux kernel can be compromised by the Dirty Cow (CVE-2016-5195) exploit. One technique that attackers use is to exploit this kernel bug to overwrite a so-called setuid program in the system. A setuid program allows the user to temporarily elevate the privilege in order to perform a certain …
AWS Container Threats – How to Detect Threats in the Public Cloud
By Fei Huang Today more and more applications are running in a public cloud in containers. A common question we hear is “Do AWS container threats exist and how can we detect them?” For the application administrator or a security team, it is always interesting to know what and how their containers look like from security point of view. The recent …
NeuVector Launches New Approach to Continuous Docker Container Security
Backed by behavioral learning, zero-configuration application delivers runtime visibility and network security that adapts to fluctuating container environments San Jose, California – January 31, 2017 – NeuVector today announced the launch and immediate availability of a new approach to securing Docker containers. With constant behavioral learning automatically applied to security policies for containers, NeuVector secures containers where they have been …
How to Protect Against Elasticsearch Ransomware Attacks
By Fei Huang, Co-Founder and CEO, NeuVector As if it wasn’t already bad enough, the ransomware attacks on MongoDB users continue to spread and have now targeted exposed Elasticsearch clusters. Like MongoDB, Elasticsearch is one of the most popular containerized applications and is widely used all over the world in datacenters. In these Elasticsearch ransomware attacks, the attackers wipe out user …
Dyn DDOS Attack Reminds Us To Secure Everything – Even Containers
If there’s any lesson to be taken away from the recent DDoS attack on Dyn it’s that we are all under the constant threat of attack no matter how small or how big we are. Even the largest, most heavily defended service providers can be hacked. We probably hear about less than 1% of all the successful and unsuccessful attempts because …