CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Node That Can’t Be Ignored

In recent developments, cybersecurity experts have raised alarms over a high-severity vulnerability identified in Kubernetes, marked as CVE-2023-5528. This critical flaw has the potential to allow attackers to execute arbitrary code with system privileges across all Windows endpoints within a cluster. Akamai, a leading global content delivery network, cybersecurity, and cloud service company, has issued […]

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover

Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher Tomer Peled said. “To exploit this […]

VexTrio: The Uber of Cybercrime – Brokering Malware for 60+ Affiliates

The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive “criminal affiliate program,” new findings from Infoblox reveal. The latest development demonstrates the “breadth of their activities and depth of their connections within the cybercrime industry,” the company said, describing […]

How to hack Google Kubernetes Engine (GKE)? Securing against GKE threats

A recent investigation by Unit 42 of Palo Alto Networks has uncovered a dual privilege escalation chain in Google Kubernetes Engine (GKE). This vulnerability, stemming from specific configurations in GKE’s logging agent FluentBit and Anthos Service Mesh (ASM), presents a significant security risk, potentially allowing attackers unauthorized access to Kubernetes clusters. Kubernetes and GKE Overview: […]

Is Your etcd an Open Door for Cyber Attacks? How to Secure Your Kubernetes Clusters & Nodes

Kubernetes has become the de facto orchestration platform for managing containerized applications, but with its widespread adoption, the security of Kubernetes clusters has come under greater scrutiny. Central to Kubernetes’ architecture is etcd, a highly-available key-value store used to persist the cluster’s state and its configuration details. While etcd is essential for the Kubernetes cluster’s […]

How to hack Kubernetes pods and executing malicious code remotely

According to the findings of Akamai’s security experts, a high-severity vulnerability in Kubernetes may be exploited to accomplish remote code execution (RCE) on any Windows endpoints that are part of the cluster. The flaw, identified as CVE-2023-3676 and with a CVSS score of 8.8, affects Kubernetes’ processing of YAML files. These files are used by […]

RBAC Buster – A new K8s attack technique to hack in Kubernetes cluster

The first known proof that attackers are using Kubernetes (K8s) Role-Based Access Control (RBAC) in the field to construct backdoors was found by specialists. DaemonSets were also deployed by the malicious actors in order to seize control of the K8s clusters they attacked and steal their resources. An incorrectly configured API server that permitted unauthenticated […]

Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining

A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. “The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack,” cloud security firm Aqua said in a report shared with The Hacker News. The […]

Uber Driver Data Stolen Again From the Servers of Law Firm

Uber faces various cyber attacks that result in the disclosure of employee email addresses, company reports, and information related to IT assets. The servers of Genova Burns, a legal services firm, have been compromised, resulting in the theft of driver data belonging to the company. Breach Notification: Genova Burns LLC informed the impacted drivers that […]

New cryptojacking malware can hack in Kubernetes clusters using this easy trick

Dero is a relatively new cryptocurrency that places a strong emphasis on privacy. It utilizes directed acyclic graph (DAG) technology, which allows it to make the claim that its transactions are completely anonymous. The combination of anonymity and a greater rewards ratio makes it potentially attractive for cryptojacking organizations in comparison to Monero, which is […]

2 Critical vulnerabilities in Argo CD allow complete take over of your Kubernetes

Argo CD is a Kubernetes-based declarative GitOps continuous delivery platform. It is built as a Kubernetes controller that constantly monitors running apps and compares their current, live state to the intended goal state (as specified in the Git repo). 257 enterprises, including Alibaba Group, BMW Group, Deloitte, Gojek, IBM, Intuit, LexisNexis, Red Hat, Skyscanner, Swisscom, […]

Securing Kubernetes Deployments on AWS – Guide

Kubernetes Deployment on AWS: Kubernetes is open-source software for deploying and managing containerized applications at scale. Kubernetes can manage clusters on Amazon EC2 instances, run containers on those instances, and perform deployment, maintenance, and scaling processes. Kubernetes lets you run containerized applications on-premises and in the cloud using the same set of tools. AWS offers […]

Top 8 Free Tools for security testing and audit of your Kubernetes cluster in 2022

Docker is a technology for containerization, while Kubernetes is a tool for orchestrating container deployments. In the subsequent subsections, we will discuss a variety of open-source tools that are useful for securing Kubernetes clusters. These open-source tools involve code snippets that will help with static scanning of Docker images, security auditing, hardening Kubernetes […]

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured Docker and Kubernetes instances. The intrusions, […]

Former Uber Security Chief Found Guilty of Data Breach Coverup

A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting to cover up the incident. Sullivan has been convicted on two counts: One for obstructing justice by not reporting the incident and another for misprision. […]

London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches

The City of London Police on Friday revealed that it has arrested a 17-year-old teenager from Oxfordshire on suspicion of hacking. “On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking,” the agency said, adding “he remains in police custody.” The department said […]

Uber Hacked – Attackers Breached Critical IT Systems & Windows Domain

Uber’s computer network was hacked on Thursday, leading the company to take some of its internal communications and engineering systems offline. Reports say an 18-year-old hacker, who was working on his cybersecurity skills for several years, sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York […]
