January 24, 2024 at 09:45AM A critical loophole named Sys:All in Google Kubernetes Engine (GKE) has been discovered by cybersecurity researchers, allowing threat actors with a Google account to take control of GKE clusters. Around 250,000 active GKE clusters are susceptible. Google has taken steps to address the issue in GKE versions 1.28 and later. … Read more
December 28, 2023 at 08:54AM Google Cloud addressed a medium-severity security flaw that could allow escalation of privileges for attackers with access to a Kubernetes cluster. Palo Alto Networks Unit 42 discovered the vulnerability, which could lead to data theft and disruption of cluster operations. The issue has been fixed in specific versions of Google … Read more
December 21, 2023 at 03:27PM Cisco announced the acquisition of Silicon Valley startup Isovalent to bolster its cloud security product portfolio, without disclosing financial terms. Isovalent, which raised $70 million in venture capital, specializes in eBPF open source technology and cloud native solutions for networking and security. The acquisition adds Cilium and Tetragon products to … Read more
November 22, 2023 at 11:26AM Kubernetes, a popular orchestration platform for containerized software environments, has become a target for attackers. While most attacks have focused on stealing cloud compute resources for cryptocurrency mining, security researchers warn that rootkit infections could give attackers greater control over Kubernetes clusters. These rootkits can hide malicious containers and perform … Read more
November 17, 2023 at 06:00AM The Hacker News is hosting an exclusive webinar titled ‘Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.’ Led by Jose Hernandez from Lacework Labs, the session will cover Kubernetes security breaches, the Zenbleed vulnerability, cloud supply chain vulnerabilities, and the CloudWizard APT. The webinar aims to provide actionable … Read more
November 6, 2023 at 03:10PM Aqua Security has announced that its open source solution, Trivy, now includes vulnerability scanning for Kubernetes components. This helps companies understand the security of their Kubernetes environment and reduce risk. Trivy also supports Kubernetes Bill of Materials (KBOM) generation, allowing users to track cluster security changes over time. Aqua will … Read more
October 30, 2023 at 04:09PM Three high-severity bugs in the NGINX ingress controller for Kubernetes have been identified. These vulnerabilities, listed as CVE-2023-5043, CVE-2023-5044, and CVE-2022-4886, can potentially enable attackers to steal credentials and other sensitive information from Kubernetes clusters. The flaws have yet to be patched and it is unknown if they have been … Read more
October 30, 2023 at 03:18AM Unpatched security flaws have been discovered in the NGINX Ingress controller for Kubernetes. These vulnerabilities (CVE-2022-4886, CVE-2023-5043, CVE-2023-5044) could allow threat actors to steal secret credentials, execute arbitrary commands, and inject code into the ingress controller. Mitigations have been released, but updating NGINX and enabling strict path validation is recommended. … Read more
October 12, 2023 at 09:59AM The recently fixed vulnerabilities in the command-line tool curl and the libcurl library require security teams to identify and remediate impacted systems. The vulnerabilities can only be exploited under specific conditions. Organizations should scan their environment using software analysis tools to assess which systems are using curl and libcurl. Additionally, … Read more