Threat Alert: Maneuver Docker API for Host Takeover
Aqua Security
NOVEMBER 5, 2019
Docker clients can communicate with the daemon either locally, via a unix socket, or over a network via a TCP socket. Aqua's research team discovered an interesting attack vector running on top of an unsecured Docker socket API.
Let's personalize your content