Kubernetes

New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps

Feb 6, 2022 by iHash Leave a Comment

Users of the Argo continuous deployment (CD) tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The flaw, tagged as CVE-2022-24348 (CVSS score: 7.7), affects all versions and has been addressed in versions 2.3.0, 2.2.4, and 2.1.9. Cloud … [Read more...] about New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps

Kubernetes Container Escape Using Linux Kernel Exploit

Feb 1, 2022 by iHash Leave a Comment

On Jan. 18, 2022, researchers found a heap base buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions. CVE-2022-0185 … [Read more...] about Kubernetes Container Escape Using Linux Kernel Exploit

Collecting Metrics from Windows Kubernetes Nodes in AKS

Jan 17, 2022 by iHash Leave a Comment

Windows applications constitute a large portion of the services and applications that run in many organizations. When moving to a Kubernetes-based architecture, there is a need to support these as well. Up until April 2020, the lack of container support within the Windows operating system left Linux container images as the only viable option for Kubernetes container deployment. … [Read more...] about Collecting Metrics from Windows Kubernetes Nodes in AKS

Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances

Jun 9, 2021 by iHash Leave a Comment

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. The campaign involved deploying TensorFlow pods on Kubernetes clusters, with the pods running legitimate TensorFlow images from the official Docker Hub account. However, the container images were configured to execute rogue … [Read more...] about Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances

Linkcard Professional Plan: Lifetime Subscription for $49

MasterWriter 2-Year License (Creative Writer Version) for $99

OTTERBOX DEFENDER SERIES SCREENLESS EDITION Case for iPhone 13 Pro (ONLY) – HUNTER GREEN for $29

DUBLIN 1L Stainless Steel French Press for $63

Prodigy Afterschool Masterclasses for Kids for $99

New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps

Kubernetes Container Escape Using Linux Kernel Exploit

Collecting Metrics from Windows Kubernetes Nodes in AKS

Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances