DevSecOps, Identity

Widespread leak from Docker Hub-hosted images discovered

Share

BleepingComputer reports that sensitive data has been exposed by nearly 8.5% of 337,171 container images hosted on the cloud-based Docker Hub repository and private registries. Docker Hub had a higher secret exposure rate than private registries, leaking 52,107 valid private keys and 3,158 API secrets, which suggests more lax container security efforts among Docker Hub users, according to a study by researchers at Germany's RWTH Aachen University. Moreover, single-user images were the source of most leaked secrets, which suggests unintended exposure. Further examination revealed that the exposed private keys have been supporting 22,082 compromised certificates and 275,269 hosts, including 8,674 Message Queuing Telemetry Transport hosts, 8,165 SMTP email servers, 6,672 FTP instances, 240 SSH servers, and 24 Kubernetes instances. Meanwhile, Amazon Web Services and other cloud providers accounted for most of the exposed API containers although determining in-the-wild usage of the leaked secrets was noted by researchers to have been limited by ethical considerations.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.