Collaborate Disseminate
HashiCorp Vault Agent creates a sidecar that talks to the Vault server and injects secrets as files into containers, where the files are located under /vault/secrets/.
"render all defined templates to the ephemeral in-memory mount at … Continue reading Root takeover attack on Kubernetes host despite Vault agent
Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isola… Continue reading Am I Isolated: Open-source container security benchmark
This article details a new campaign by TeamTNT, a notorious hacking group, leveraging exposed Docker daemons to deploy… Continue reading TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters
In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long shares insights on emerging isolation technologies that could enhance Kubernetes s… Continue reading How isolation technologies are shaping the future of Kubernetes security
In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through deployment. He focuses on best practices, automation, and continuous monitoring. Many… Continue reading Strengthening Kubernetes security posture with these essential steps
Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10.
The post Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover appeared first on SecurityWeek.
Continue reading Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover
Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads.
The post Kubernetes Container Isolation Startup Edera Raises $5 Million appeared first on SecurityWeek.
Continue reading Kubernetes Container Isolation Startup Edera Raises $5 Million
A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.
The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on Security… Continue reading Azure Kubernetes Services Vulnerability Exposed Sensitive Information
According to the OIDC specification:
The issuer value returned MUST be identical to the Issuer URL that was
used as the prefix to /.well-known/openid-configuration to retrieve
the configuration information. This MUST also be identical to … Continue reading What are the risks of disabling issuer URL validation?
We have several on-premises Kubernetes clusters that need to utilize AWS services. Currently, we use traditional IAM Users with static credentials, but we recognize this is a bad practice. We want to transition to using temporary credentia… Continue reading How to manage temporary AWS credentials for on-premises Kubernetes clusters?