ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Encore: The secrets behind Docker. "
Episode Synopsis
Alon Zahavi from CyberArk, joins Dave Bittner on this episode to discuss CyberArk's work in conjunction with Patch Tuesday. CyberArk published about how Docker inadvertently created a new vulnerability and what happens when it's exploited.
CyberArk's research concluded that an attacker may execute files with capabilities or setuid files in order to escalate its privileges up to root level. CyberArk found the new vuln in some of Microsoft’s Docker images, caused by misuse of Linux capabilities, a powerful additional layer of security that gives admins the ability to assign capabilities and privileges to processes and files in the Linux system
The research can be found here:
How Docker Made Me More Capable and the Host Less Secure
Learn more about your ad choices. Visit megaphone.fm/adchoices
CyberArk's research concluded that an attacker may execute files with capabilities or setuid files in order to escalate its privileges up to root level. CyberArk found the new vuln in some of Microsoft’s Docker images, caused by misuse of Linux capabilities, a powerful additional layer of security that gives admins the ability to assign capabilities and privileges to processes and files in the Linux system
The research can be found here:
How Docker Made Me More Capable and the Host Less Secure
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast Research Saturday
The lies that let AI run amok.
20/12/2025
Root access to the great firewall.
13/12/2025
When macOS gets frostbite.
06/12/2025
A new stealer hiding behind AI hype.
29/11/2025
Two RMMs walk into a phish…
22/11/2025
When clicks turn criminal.
15/11/2025
A fine pearl gone rusty.
08/11/2025
Attack of the automated ops.
01/11/2025
A look behind the lens.
25/10/2025
Smile for the malware.
18/10/2025
In God we trust