A Dive into malicious Docker Containers, (Fri, Dec 7th)

Last few days we’re seeing increased attacks from %%ip:192.99.142.246%%, which is trying to exploit open Docker instances (%%port:2375%%). The container (being named java123) is based on image ahtihhebs/picture124, and executed with payload:

Article Link: https://isc.sans.edu/diary/rss/24388