A slew of misconfigured Docker container registries exposed source code for 15,887 unique versions of applications. Palo Alto Networks’ Unit 42 division found the exposed registries via Shodan and Censys searches. The security firm said the registries lacked proper network access control. The consequences for companies whose registries are attacked by cybercriminals can be profound, Palo Alto said. The firm said that remediation is straightforward requiring the addition of a firewall rule that says registries can t be accessed from the internet.
Source: https://threatpost.com/docker-registries-malware-data-theft/152734/