Container code cluster-fact: There's a hole in Kubernetes that lets miscreants cause havoc

Container code cluster-fact: There's a hole in Kubernetes
Critical bug brings bevy of patches
December 3, 2018
https://www.theregister.co.uk/2018/12/03/container_code_clusterfact_theres_a_hole_in_kubernetes/

 

Exploit Code for the Kubernetes Flaw Is Now Available
December 10, 2018
https://www.bleepingcomputer.com/ne...ode-for-the-kubernetes-flaw-is-now-available/

 

Serious Path Traversal Flaw Found in Kubernetes
April 1, 2019
https://www.securityweek.com/serious-path-traversal-flaw-found-kubernetes

 

Incomplete Fix Leads to New Kubernetes Bug
June 24, 2019
https://www.infosecurity-magazine.com/news/incomplete-fix-leads-to-new-1/

 

CNCF Open Sources Security Audit of Core Kubernetes Components
August 6, 2019
https://thenewstack.io/cncf-open-sources-security-audit-of-core-kubernetes-components

 

Kubernetes security matures: Inside the project’s first audit
August 12, 2019
https://www.helpnetsecurity.com/2019/08/12/kubernetes-security-matures/

 

Severe Flaws in Kubernetes Expose All Servers to DoS Attacks
August 20, 2019
https://www.bleepingcomputer.com/ne...kubernetes-expose-all-servers-to-dos-attacks/

 

Aqua Security Open Sources Container Pen Test
August 24, 2019
https://containerjournal.com/features/aqua-security-open-sources-container-pen-test/

 

Kubernetes Patches Recent HTTP/2 Vulnerabilities
August 23, 2019
https://www.securityweek.com/kubernetes-patches-recent-http2-vulnerabilities

 

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS
The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit
October 17, 2019
https://threatpost.com/kubernetes-bugs-authentication-bypass-dos/149265/

Palo Alto: Analysis of Two Newly Patched Kubernetes Vulnerabilities

 

Security concerns hampering adoption of containers and Kubernetes
February 19, 2020
https://www.techrepublic.com/articl...pering-adoption-of-containers-and-kubernetes/

StackRox: 5 Surprising Findings from StackRox’s Latest Kubernetes Security Report

"The State of Container and Kubernetes Security" (PDF - 2.01 MB): https://security.stackrox.com/rs/219-UEH-533/images/State_of_Container_and_Kubernetes_Report.pdf

 

Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)
July 27, 2020
https://unit42.paloaltonetworks.com/cve-2020-8558/

 

Why misconfigurations are such an issue in your containers and Kubernetes
September 22, 2020
https://cybersecurity.att.com/blogs...ch-an-issue-in-your-containers-and-kubernetes

 

StackRox Tool Prevents Kubernetes Misconfigurations
October 28, 2020
https://containerjournal.com/topics...x-tool-prevents-kubernetes-misconfigurations/

StackRox: Introducing KubeLinter - an open source linter for Kubernetes

 

All Kubernetes versions affected by unpatched MiTM vulnerability
December 8, 2020
https://www.bleepingcomputer.com/ne...ons-affected-by-unpatched-mitm-vulnerability/

 

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows
Misconfigured permissions for Argo’s web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers
July 21, 2021
https://threatpost.com/kubernetes-cyberattacks-argo-workflows/167997/

Intezer: New Attacks on Kubernetes via Misconfigured Argo Workflows

 

Kubescape helps admins manage Kubernetes securely
August 24, 2021
https://www.helpnetsecurity.com/2021/08/24/kubescape-manage-kubernetes-securely/

 

Suse acquires NeuVector to bolster Kubernetes security
November 1, 2021
https://venturebeat.com/2021/11/01/suse-acquires-neuvector-to-bolster-kubernetes-security/

Suse: Accelerating Security Innovation at SUSE