26 matches found
The Rise of the Drone Boats
Swarms of weaponized unmanned surface vessels have proven formidable weapons in the Black and Red Seas. Can the US military learn the right lessons from it?...
Maritime lawyers assemble!
Maritime cyber insurance has been playing catch-up with maritime cyber security for a while now. It was all pretty good until the availability of cheap VSAT meant that ships became constantly connected. Vessels were mostly not connected at sea, other than Fleet Broadband connections, rarely used...
What goes into testing a ship?
TL;DR Testing a ship involves identifying and mitigating cybersecurity risks using the "Identify, Prevent, Detect, Respond, Recover" framework. Guidelines include MSC.42898, BIMCO, IACS UR E26/E27, and ISO standards. New builds and existing vessels require proper documentation and network securit...
ALSA-2024:0748 Important: container-tools:4.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: file descriptor leak "Leaky Vessels" CVE-2024-21626 A AlmaLinux Security Bulletin which addresses further details about the Leaky Vessels flaw is available in th...
Leaky Vessels in Cloud Environments Shake Docker and Beyond
Summary: Four vulnerabilities, collectively termed Leaky Vessels, have been uncovered within container engine components, specifically affecting the runC command line tool. In the most severe instances, illicit entry into the underlying host operating system could result in the compromise of vita...
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have...
Container Breakout (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Container Breakout Leaky Vessels. Due to certain leaked file descriptors, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem namespace, allowing for a container...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Link Resolution Before File Access (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Link Resolution Before File Access Leaky Vessels allowing arbitrary file deletion on the host system. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for th...
Race Condition (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Race Condition Leaky Vessels in the subpath mounting when two malicious build steps are running in parallel and sharing the same cache mounts. This can lead to files from the host system being accessible to the build container. Workarou...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
Improper Handling of Insufficient Privileges (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Privileges Leaky Vessels via APIs for running interactive containers based on built images. It is possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, runnin...
‘Dark Ships’ Emerge From the Shadows of the Nord Stream Mystery
Satellite monitors discovered two vessels with their trackers turned off in the area of the pipeline prior to the suspected sabotage in September...
Friday Squid Blogging: South American Squid Stocks Threatened by Chinese Fishing
Theres a lot of fishing going on: The number of Chinese-flagged vessels in the south Pacific has surged 13-fold from 54 active vessels in 2009 to 707 in 2020, according to the SPRFMO. Meanwhile, the size of Chinas squid catch has grown from 70,000 tons in 2009 to 358,000. As usual, you can also u...
Phantom Warships Are Courting Chaos in Conflict Zones
The latest weapons in the global information war are fake vessels behaving badly...