The latest articles on DEV Community by Taradutt Pant (@taradutt). https://dev.to/taradutt https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F975861%2Fb9742151-1b83-43c5-8893-8aef1cf934ea.jpeg https://dev.to/taradutt en Taradutt Pant Sun, 20 Nov 2022 11:01:05 +0000 https://dev.to/taradutt/common-threats-to-container-security-3a5m https://dev.to/taradutt/common-threats-to-container-security-3a5m <p><strong>General Container Threats</strong></p> <p>Application-level DDOS and XSS against public-facing containers.<br> Compromised containers trying to ‘phone home to download malware.<br> Compromised containers try to scan other internal systems to find other weaknesses or search for sensitive data.<br> Container breakout and unauthorised access across containers, hosts, or data centers.<br> Container resource hogging, eating up CPU/Mem/Disk/IO to impact or even crash other containers.<br> Live to patch applications that bring in malicious processes from a hijacked DNS or another service.<br> Network flooding from poorly designed applications impacts other containers.</p> <p><strong>Container Attacks – Examples</strong></p> <p>SQL injection attacks gaining ownership of a database container to start stealing data.<br> The shell-shock bash bug allows remote attackers to execute arbitrary code inside a container.<br> The heart-bleed bug caused the container’s memory to be leaked and analyzed.<br> The Glibc stack-based buffer overflow is caused by a man-in-the-middle attack.<br> New zero-day attack on a container causing a persistent threat</p>