Monday, April 29, 2019

Security Onion Docker Images NOT Affected by Recent Docker Hub Data Exposure

In Security Onion 16.04, our Elastic components are delivered via Docker images stored on Docker Hub.  Docker recently announced unauthorized access to a single Docker Hub database:

From the article:
Q: How do I know if I was impacted by this unauthorized access?
If you directly received an email from Docker about this incident, you may have been impacted. If you have received a password reset link, your password hash was potentially exposed. We have invalidated it and sent you a password reset link as a precaution. If you are using autobuilds and your GitHub or Bitbucket repositories have been unlinked from Docker Hub, you will need to relink those repositories for autobuilds to work correctly.
Security Onion does NOT use autobuilds and did NOT receive an email from Docker, so we don't have any reason to believe that our Docker accounts or images were impacted.  However, to err on the side of caution, we have verified our Docker images and reset our passwords.  Finally, please note that our images are digitally signed using Docker Content Trust:

No comments:

Search This Blog

Featured Post

Sneak Peek: New Detections Feature coming in Security Onion 2.4.70!

Our latest video is a sneak peek at a NEW feature coming to our FREE and OPEN Security Onion platform in the upcoming 2.4.70 release! This n...

Popular Posts

Blog Archive