Kubernetes Deployments Around the World Show Vulnerabilities
Kubernetes owners who expose APIs to the Internet are leaving their systems open to hackers.
New research on Kubernetes security suggests that hundreds of installations worldwide have been hijacked for cryptomining — most due to a combination of recent reported vulnerabilities and Kubernetes APIs exposed to the Internet with no authentication required for access.
Kubernetes combines groups of containers into structures called "pods." According to Binary Edge's report, "By having this exposed, an attacker can not only see what is running on the Pods, but also execute commands on the Pods themselves."
In addition to exposing Kubernetes APIs for use by cryptominers, the report also says the scanned instances can expose critical data and passwords.
Read more here.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024