Tag: kubernetes
-
Critical default credential in Kubernetes Image Builder allows SSH root access
It’s called leaving the door wide open especially in Proxmox First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/critical_kubernetes_image_builder_bug/
-
Critical default credential in Kubernetes Image Builder allows SSH root access
It’s called leaving the door wide open especially in Proxmox First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/critical_kubernetes_image_builder_bug/
-
Kritische Sicherheitslücke: Angreifer können Kubernetes als Root attackieren
Bestimmte Kubernetes Image Builder erzeugen VM-Images mit statischen Zugangsdaten. Admins müssen bestehende Images neu erstellen. First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdate-Kritische-Root-Luecke-in-Kubernetes-geschlossen-9985631.html
-
Critical Vulnerability in Kubernetes Image Builder Exposes Nodes to Root Access
A new security risk has emerged in the Kubernetes Image Builder, posing a critical threat to organizations that utilize this tool for managing their containerized environments. The Kubernetes Image Builder vulnerability tracked as CVE-2024-9486, has been assigned a CVSS score of 9.8, indicating its severity. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/kubernetes-image-builder-vulnerability/
-
Mit Standard-Zugangsdaten: Kubernetes-Lücke ermöglicht Root-Zugriff per SSH
Betroffen sind Images, die mit dem Kubernetes Image Builder erstellt wurden. Es gibt zwar einen Patch, doch der schützt bestehende Images nicht. First seen on golem.de Jump to article: www.golem.de/news/mit-standard-zugangsdaten-kubernetes-luecke-ermoeglicht-root-zugriff-per-ssh-2410-189927.html
-
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances.The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.”A security issue First seen…
-
Critical default credential bug in Kubernetes Image Builder allows SSH root access
It’s called leaving the door wide open – especially in Proxmox First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/critical_kubernetes_image_builder_bug/
-
Strengthening Kubernetes security posture with these essential steps
In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/16/paolo-mainardi-sparkfabrik-kubernetes-security/
-
Kubernetes Security Best Practices 2024 Guide
Kubernetes security best practices include using RBAC for access control, enforcing network policies, regularly updating components, and more. Read our guide here. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/applications/kubernetes-security-best-practices/
-
Make Deployments Great Again: How to Use Helm with Continuous Deployment (CD)
Tags: kubernetesLearn how to automate Helm deployments with GitOps, using Argo CD for continuous delivery. Seamlessly handle secrets, pod auto-restart, and version propagation in Kubernetes with this production-ready integration. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/make-deployments-great-again-how-to-use-helm-with-continuous-deployment-cd/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 14
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Threat Actors leverage Docker Swarm and Kubernetes to…
-
Complete your Kubernetes security with runtime protection
Kubernetes today is the de facto standard for container orchestration, deployment automation, scaling, and management of containerized apps. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/complete-your-kubernetes-security-with-runtime-protection/
-
Kubernetes Container Isolation Startup Edera Raises $5 Million
Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads. The post Kubernetes Container Isolation Startup Edera Raises $5 Million appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/kubernetes-container-isolation-startup-edera-raises-5-million/
-
TeamTNT aims to take down cloud-based Docker containers, Kubernetes clusters
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/teamtnt-aims-to-take-down-cloud-based-docker-containers-kubernetes-clusters
-
Kubernetes-Storage: Portworx by Pure Storage benennt wichtige Trends
Mit Portworx können Unternehmen ihren Entwicklern ein Self-Service-Erlebnis bieten, während sie gleichzeitig die Verschwendung von GPU-Ressourcen verm… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kubernetes-storage-portworx-by-pure-storage-benennt-wichtige-trends/a36885/
-
Veeam verbessert die Kubernetes-native Datensicherung mit Kasten V7.0
Mit seinem Schwerpunkt auf Cyber-Resilienz und der Erfüllung von Unternehmensanforderungen stellt Veeam Kasten V7.0 strenge, standardkonforme Sicherhe… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/veeam-verbessert-die-kubernetes-native-datensicherung-mit-kasten-v7-0/a37291/
-
Dynatrace präsentiert Observability-gesteuertes Kubernetes Security Posture Management
Die neue KSPM-Lösung von Dynatrace ermöglicht es Teams zusammen mit den bestehenden RVA- und RAP-Funktionen der Plattform, Risiken in ihren Kubernetes… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/dynatrace-praesentiert-observability-gesteuertes-kubernetes-security-posture-management/a37417/
-
Portworx by Pure Storage erläutert Best Practices für Kubernetes-Storage
Kubernetes ist extrem leistungsfähig bei der Orchestrierung und Verwaltung von Tausenden von containerisierten Anwendungen. Die Speicherung in Kuberne… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/portworx-by-pure-storage-erlaeutert-best-practices-fuer-kubernetes-storage/a38172/
-
Red Hat encouraging partners to talk Kubernetes security
Tags: kubernetesFirst seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366609274/Red-Hat-encouraging-partners-to-talk-Kubernetes-security
-
Keep Hackers Out of Your Kubernetes Cluster with These 5 Simple Tricks!
First seen on tldrsec.com Jump to article: tldrsec.com/p/kubernetes-security-threat-informed-defense
-
Zero Trust Access to Kubernetes
Overthe past few years, Kudelski Security’s engineering team has prioritized migrating our infrastructure to multi-cloud environments. Our internal cl… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2021/12/14/zero-trust-access-to-kubernetes/
-
Platform Engineering Is Security Engineering
Tags: kubernetesFor modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embedding security into the fabric of those systems. Source: www.darkreading.com/application-security/platform-engineering-is-security-engineering comments: 0
-
CAST AI Automates Kubernetes Security Posture Management to Block Runtime Threats
CAST AI boasts that its Kubernetes automation platform cuts AWS, Azure and Google Cloud Platform costs by more than 50%. Source: securityboulevard.com/2024/09/cast-ai-automates-kubernetes-security-posture-management-to-block-runtime-threats/ comments: 0
-
Azure Kubernetes Bug Lays Open Cluster Secrets
Tags: kubernetesFirst seen on darkreading.com Jump to article: www.darkreading.com/application-security/azure-kubernetes-bug-lays-open-cluster-secrets
-
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html
-
TLS bootstrap attack gains access to Azure Kubernetes Services cluster
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/tls-bootstrap-attack-gains-access-to-azure-kubernetes-services-cluster
-
Azure Kubernetes Services Vulnerability Exposed Sensitive Information
A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters. The… First seen on securityweek.com Jump to article: www.securityweek.com/azure-kubernetes-services-vulnerability-exposed-sensitive-information/
-
Sicherheitsrisiko Container Sicherheit muss in den Fokus
First seen on security-insider.de Jump to article: www.security-insider.de/cloud-native-technologie-kubernetes-sicherheit-a-49583b3b2a159679a63c9d0727e28378/
-
The Role of Microsegmentation in Kubernetes Environments
Optimizing Kubernetes security and efficiency of through granular control Kubernetes stands out as a powerful and versatile platform amongst applicati… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/the-role-of-microsegmentation-in-kubernetes-environments/