Attack Uses Docker Containers to Hide, Persist, Plant Malware

Posted: 08/08/2017 | Leave a Comment

The attack works on any Docker installation which exposes its API through TCP, which has (until recently) been the default for Windows PCs running Docker for Windows, an application used by developers to create and test containerized applications. “The attack endgame is a persistent remote code execution within the enterprise’s network,” Dulce said. “Persistence on the host computer is practically undetectable by existing security products from the host.”

https://threatpost.com/attack-uses-docker-containers-to-hide-persist-plant-malware/126992/

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Journal - Launching Innovation Through Medical Modeling and Simulation Technologies

This Special Edition of the Journal will provide a glimpse into current efforts to improve military medical training with simulation-based solutions.

Read the Journal

CSIAC Journal - Innovation Based Ecosystems

This issue of the Journal of Cyber Security & Information Systems explores how managing fast adoption modern-based system has more to do with understanding capabilities, interdependency between systems and effectively operating in the new paradigm than it has to do with differentiating product features.

Read the Journal