Nested Guests: CVE-2019-7221

Earlier this month, twin KVM bugs found by Google’s Project Zero team were released publicly: CVE-2019-7221, a use-after-free vulnerability, and CVE-2019-7222, a memory leak that can assist exploitation of the …

Dirty Sock: CVE-2019-7304

Today, Chris Moberly blogged about his local privilege escalation bug in Ubuntu Linux, CVE-2019-7304, a.k.a. the “Dirty Sock” exploit (ew). This affects snapd, which is installed on Ubuntu 16.04.4 LTS …

A Brief Review of CVE-2019-5736: runc Container Breakout

A group of researchers yesterday announced CVE-2019-5736, a runc container breakout affecting container tools including Docker, Kubernetes, and containerd. Why it matters: Because many people run containers as “root,” the …

Exploiting systemd-journald Part 2

Introduction This is the second part in a multipart series on exploiting two vulnerabilities in systemd-journald, which were published by Qualys on January 9th. In the first post, we covered …

Capsule8’s Stance on Publication and Vulnerability Disclosure

Last week, Capsule8 Labs released an exploit for the problems in systemd that Qualys identified on January 9th, as part of series analyzing the vulnerabilities CVE-2018-16865 and CVE-2018-16866. We were …

Exploiting systemd-journald Part 1

Introduction This is part one in a multipart series (read Part 2 here) on exploiting two vulnerabilities in systemd-journald, which were published by Qualys on January 9th. Specifically, the vulnerabilities …

The SummerCon Fellowship

One of the ways Capsule8 came to be was through the community built around cool people doing cool research. That’s how most of us got our start, and we believe …

Security Challenges for Containers in Runtime

Protecting containers in runtime is a critical element in securing containerized applications. There are a number of threats that occur in real-time when containers are running in production so a …

3 Tips for Scaling Container Security

Container adoption continues to grow as enterprises large and small look to increase the efficiency of their software delivery with hybrid production environments. According to recent research we sponsored with …

Seven Key Takeaways from the Cloud-Native Security Summit

Earlier this week we wrapped up very first Cloud-Native Security Summit, an exclusive event co-hosted by Capsule 8, Duo Security, and Signal Sciences, designed to tackle all things cloud-native security. …