Collecting Cyber-News from over 60 sources

Tag: kubernetes

Kubernetes Image Builder Vulnerabilities

Dec 1, 2024 1:19 AM

by

Andy Stern

in SecurityNews

Tags: cve, kubernetes, vulnerability

Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (CVSS 6.3), that impact the Kubernetes Image Builder. T… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/17/kubernetes-image-builder-vulnerabilities/
AWS re:Invent 2024: Optimize Your Kubernetes with Fairwinds and NetApp

Nov 27, 2024 12:12 AM

by

Andy Stern

in SecurityNews

Tags: cloud, control, infrastructure, kubernetes, service
GitLab Patches Critical Flaws Leads to Unauthorized Access to Kubernetes Cluster

Nov 14, 2024 9:53 AM

by

Andy Stern

in SecurityNews

Tags: access, cyber, flaw, gitlab, kubernetes, unauthorized, update, vulnerability

GitLab has rolled out critical security updates to address multiple vulnerabilities in its Community Edition (CE) and Enterprise Edition (EE), fixing issues that could lead to unauthorized access to Kubernetes clusters and other potential exploits. The latest patch versions, 17.5.2, 17.4.4, and 17.3.7, are now available, and GitLab strongly urges all self-managed users to upgrade…
Critical default credential in Kubernetes Image Builder allows SSH root access

Nov 13, 2024 7:50 PM

by

Andy Stern

in SecurityNews

Tags: access, credentials, kubernetes

First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/critical_kubernetes_image_builder_bug/
Managed Kubernetes-as-a-Service: A Force Multiplier for Your Tech Team

Nov 13, 2024 6:53 PM

by

Andy Stern

in SecurityNews

Tags: business, container, infrastructure, kubernetes, service
ARMO selected by Orange Business to Secure its Managed Kubernetes Services

Nov 12, 2024 8:04 PM

by

Andy Stern

in SecurityNews

Tags: business, kubernetes, service

We’re honored to share a new partnership with Orange Business (Norway), a global leader in digital services. ARMO First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/armo-selected-by-orange-business-to-secure-its-managed-kubernetes-services/
A Critical Guide to Securing Large Language Models

Nov 7, 2024 2:03 PM

by

Andy Stern

in SecurityNews

Tags: access, ai, best-practice, business, cloud, compliance, control, data, encryption, google, guide, infrastructure, intelligence, kubernetes, LLM, microsoft, network, saas, service, software, strategy, unauthorized, update, vmware

A Critical Guide to Securing Large Language Models madhav Thu, 11/07/2024 – 06:25 Securing large language models (LLMs) presents unique challenges due to their complexity, scale, and data interactions. Before we dive into securing them, let’s touch on the basics. What are LLMs? LLMs are Large Language Models that are advanced artificial intelligence systems designed…
Unbefugter Zugriff auf die VMs möglich – Kubernetes erstellt gefährdete VM-Images

Nov 4, 2024 7:56 AM

by

Andy Stern

in SecurityNews

Tags: access, kubernetes

First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-kubernetes-virtuelle-maschinen-bedroht-a-de45ab5766a26b886d689ce52f6d69e5/
Runtime context: the missing piece in Kubernetes security

Oct 31, 2024 3:56 PM

by

Andy Stern

in SecurityNews

Tags: kubernetes

First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/runtime-context-the-missing-piece-in-kubernetes-security/
How isolation technologies are shaping the future of Kubernetes security

Oct 30, 2024 5:56 AM

by

Andy Stern

in SecurityNews

Tags: ceo, kubernetes, vulnerability

In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigati… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/28/emily-long-edera-kubernetes-clusters-security/
Mit Standard-Zugangsdaten: Kubernetes-Lücke ermöglicht Root-Zugriff per SSH

Oct 29, 2024 12:58 PM

by

Andy Stern

in SecurityNews

Tags: access, kubernetes

First seen on golem.de Jump to article: www.golem.de/news/mit-standard-zugangsdaten-kubernetes-luecke-ermoeglicht-root-zugriff-per-ssh-2410-189927.html
Kubernetes Security Best Practices 2024 Guide

Oct 28, 2024 10:55 PM

by

Andy Stern

in SecurityNews

Tags: access, best-practice, control, guide, kubernetes, network

Kubernetes security best practices include using RBAC for access control, enforcing network policies, regularly updating components, and more. Read ou… First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/applications/kubernetes-security-best-practices/
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

Oct 28, 2024 3:55 PM

by

Andy Stern

in SecurityNews

Tags: access, exploit, flaw, kubernetes, risk, vulnerability

A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/critical-kubernetes-image-builder.html
Kritische Sicherheitslücke: Angreifer können Kubernetes als Root attackieren

Oct 28, 2024 1:56 PM

by

Andy Stern

in SecurityNews

Tags: bug, kubernetes

First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdate-Kritische-Root-Luecke-in-Kubernetes-geschlossen-9985631.html
Critical Bug In Kubernetes Image Builder Allows SSH Root Access

Oct 23, 2024 3:24 PM

by

Andy Stern

in SecurityNews

Tags: access, kubernetes

First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36484/Critical-Bug-In-Kubernetes-Image-Builder-Allows-SSH-Root-Access.html
Critical Vulnerability in Kubernetes Image Builder Exposes Nodes to Root Access

Oct 21, 2024 10:59 PM

by

Andy Stern

in SecurityNews

Tags: access, kubernetes, risk, threat, tool, vulnerability

A new security risk has emerged in the Kubernetes Image Builder, posing a critical threat to organizations that utilize this tool for managing their c… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/kubernetes-image-builder-vulnerability/
Policy as code in Kubernetes: security with seccomp and network policies

Oct 21, 2024 10:01 AM

by

Andy Stern

in SecurityNews

Tags: kubernetes, network

First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/policy-as-code-in-kubernetes-security-with-seccomp-and-network-policies/
A critical flaw in Kubernetes Image Builder could allow attackers to gain root access

Oct 20, 2024 2:58 PM

by

Andy Stern

in SecurityNews

Tags: access, exploit, flaw, kubernetes

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes I… First seen on securityaffairs.com Jump to article: securityaffairs.com/169919/security/kubernetes-image-builder-critical-flaw.html
Critical default credential bug in Kubernetes Image Builder allows SSH root access

Oct 18, 2024 9:58 AM

by

Andy Stern

in SecurityNews

Tags: access, credentials, kubernetes

First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/critical_kubernetes_image_builder_bug/
Strengthening Kubernetes security posture with these essential steps

Oct 18, 2024 5:59 AM

by

Andy Stern

in SecurityNews

Tags: kubernetes, strategy

In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from dev… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/16/paolo-mainardi-sparkfabrik-kubernetes-security/
Critical Kubernetes Image Builder flaw gives SSH root access to VMs

Oct 17, 2024 11:59 PM

by

Andy Stern

in SecurityNews

Tags: access, flaw, kubernetes, unauthorized, vulnerability

A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Bui… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-kubernetes-image-builder-flaw-gives-ssh-root-access-to-vms/
Red Hat encouraging partners to talk Kubernetes security

Oct 2, 2024 10:36 AM

by

Andy Stern

in SecurityNews

Tags: kubernetes

First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366609274/Red-Hat-encouraging-partners-to-talk-Kubernetes-security
Kubernetes Security: Wie Sie Ihre Cluster (besser) absichern

Oct 2, 2024 7:37 AM

by

Andy Stern

in SecurityNews

Tags: kubernetes

First seen on csoonline.com Jump to article: www.csoonline.com/de/a/wie-sie-ihre-cluster-besser-absichern
Complete your Kubernetes security with runtime protection

Sep 23, 2024 7:11 PM

by

Andy Stern

in SecurityNews

Tags: kubernetes

First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/complete-your-kubernetes-security-with-runtime-protection/
Kubernetes Container Isolation Startup Edera Raises $5 Million

Sep 23, 2024 3:11 PM

by

Andy Stern

in SecurityNews

Tags: ai, container, kubernetes, startup

Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads. The post Kubernetes Container Isolati… First seen on securityweek.com Jump to article: www.securityweek.com/kubernetes-container-isolation-startup-edera-raises-5-million/
TeamTNT aims to take down cloud-based Docker containers, Kubernetes clusters

Sep 21, 2024 9:29 PM

by

Andy Stern

in SecurityNews

Tags: cloud, container, docker, kubernetes

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/teamtnt-aims-to-take-down-cloud-based-docker-containers-kubernetes-clusters
Platform Engineering Is Security Engineering

Sep 17, 2024 10:33 PM

by

Andy Stern

in SecurityNews

Tags: kubernetes

For modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embed… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/platform-engineering-is-security-engineering
CAST AI Automates Kubernetes Security Posture Management to Block Runtime Threats

Sep 10, 2024 9:36 PM

by

Andy Stern

in SecurityNews

Tags: ai, kubernetes, threat

First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/cast-ai-automates-kubernetes-security-posture-management-to-block-runtime-threats/
Azure Kubernetes Bug Lays Open Cluster Secrets

Aug 29, 2024 10:34 PM

by

Andy Stern

in SecurityNews

Tags: kubernetes

First seen on darkreading.com Jump to article: www.darkreading.com/application-security/azure-kubernetes-bug-lays-open-cluster-secrets
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

Aug 29, 2024 1:35 PM

by

Andy Stern

in SecurityNews

Tags: attack, cybersecurity, exploit, flaw, kubernetes, microsoft, service

Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html