December 29, 2023 at 07:00AM Palo Alto Networks reports that an attacker with access to a Kubernetes cluster could exploit vulnerabilities in FluentBit and Anthos Service Mesh (ASM) within Google Kubernetes Engine (GKE) to gain complete control of the cluster. Google has released patches for the issues, but urges users to manually update their clusters … Read more
November 24, 2023 at 02:30AM Cybersecurity researchers have discovered publicly exposed Kubernetes configuration secrets that could potentially lead to supply chain attacks. The secrets, containing credentials for accessing container image registries, were uploaded to public repositories. Among those affected are top blockchain companies and fortune-500 companies. The researchers found that a significant portion of the … Read more
November 13, 2023 at 12:13PM DevOps teams face common mistakes that can hinder their success. These include overplanning or underplanning, relying too heavily on tools, striving for perfection, neglecting security, not understanding the problem, bypassing code reviews and quality gates, logging blind spots, ignoring the artifact lifecycle, not keeping code versions, and sticking to legacy … Read more
October 16, 2023 at 06:27PM Kaspersky has launched Kaspersky Container Security (KCS), a full-featured solution for containerized environments. KCS provides security for containerized applications during development and runtime, offering protection from cyber incidents. It consists of three main components: KCS scanner, KCS agent, and KCS server. KCS easily integrates into DevSecOps frameworks and helps ensure … Read more