Security researchers have uncovered a horde of container instances that were having default configurations. Researchers from Palo Alto Networks came across over 40,000 of these containers on Shodan.
The containers belonged to Kubernetes and Docker, which are the two popular platforms used to deploy containerized applications. According to the researchers, a majority of them were hosted on AWS and were located in countries such as the US, Germany, Ireland, China, and France.
In a blog, Nathaniel Quist, Senior Threat Researcher at Palo Alto Networks, suggested how the aforementioned vulnerable containers can be dangerous.
“This does not necessarily mean that each of these 40,000+ platforms are vulnerable to exploits or even the leakage of sensitive data: it simply highlights that seemingly basic misconfiguration practices exist and can make organizations targets for further compromising events. Seemingly simple misconfigurations within cloud services can lead to severe impacts on organizations,” wrote Quist.