Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
This article from The Hacker News presents a nerve-racking revelation about how cyber threat actors are adapting to the evolving digital landscape.
This article from The Hacker News presents a nerve-racking revelation about how cyber threat actors are adapting to the evolving digital landscape.
Kubernetes security is safeguarding your Kubernetes clusters, the applications they host, and the infrastructure they rely on from threats. As a container orchestration platform, Kubernetes is incredibly powerful but presents a broad attack surface for potential adversaries.
Security providers are using eBPF for observability to prevent attacks, detect and remediate high-priority vulnerabilities (and to distinguish between severe and less severe vulnerabilities), to detect suspicious activity and other uses.
Among cloud developers, Kubernetes is now a widely used platform. It's not immune to security incidents, however, and these can lead to loss of revenue or customers.
Threat actors have been observed using Amazon Web Services (AWS) 's System Manager (SSM) agent as a Remote Access Trojan (RAT) on Linux and Windows machines.
Cilium, an open-source networking, security and observability project, has released version 1.14 with an array of connectivity, security and observability updates. The Cilium 1.14 update also introduces new mesh capabilities, high-speed networking and security enhancements.
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal.
With eBPF monitoring container activity from the kernel layer, many of the challenges associated with observability in the cloud are solved.
A recent report entitled Cloud Native and Kubernetes Security Predictions 2023 underscores the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets.
Learn about the advantages of using Kubernetes and Docker together, including enhanced security. "Kubernetes and Docker offer security features such as network isolation, access controls, and image signing. These features help secure containerized applications and protect sensitive data."
Kubernetes is an open-source container orchestration platform that provides an efficient and scalable way to manage containerized workloads and services. The platform is based on a distributed architecture that enables it to manage and scale containerized applications across multiple nodes in a cluster. It plays a vital role in ensuring data security in containerized environments, providing "multiple layers of security measures" to protect the data.
Earlier this week, Amazon announced the availability of Amazon Linux 2023, its third-generation Linux distribution. With this distribution, Amazon is promising three benefits: a high-security standard, a predictable lifecycle, and deterministic updates.
IBM said this week it will soon roll out an AI-infused, hybrid-cloud oriented version of its z/OS mainframe operating system.
Whether you go with a cloud provider or go it alone, you need to plan the right architecture for your Kubernetes infrastructure.
Last week Microsoft launched a new feature that lets customers run modern applications on Azure Kubernetes Service (AKS) in an isolated and secure form. Initially announced at the last KubeCon, the feature is currently available in public preview.
The Cloud Native Computing Foundation (CNCF) early this month in Seattle hosted the first standalone CloudNativeSecurityCon (CNSCon) North America 2023. The event drew more than 800 attendees and offered 70 sessions. In her keynote, CNCF Executive Director Priyanka Sharma described it as the first open source, vendor-neutral, practitioner-driven conference for security.
Multiple misconfigurations in a service that underpins many Azure features could have allowed an attacker to remotely compromise a cloud user's system.
The software development process is getting quicker. Devops teams are under increased pressure to go to market, and they’re able to work quickly, thanks in part to open-source software (OSS) packages.
The pace of software development is accelerating. Devops teams are under more pressure to launch products rapidly, and they are able to do so in part because of open-source software (OSS) tools.
Kinsing is an old-school Linux/Unix Executable and Link format (ELF) malware program that runs a cryptominer and attempts to spread itself to other containers and hosts.