Tag: kubernetes

Why we need a unified approach to Kubernetes environments

Jan 29, 2025 10:39 PM

Tags: kubernetes

First seen on scworld.com Jump to article: www.scworld.com/perspective/why-we-need-a-unified-approach-to-kubernetes-environments
Horizon3 launches NodeZero Kubernetes pentesting

Jan 14, 2025 9:04 PM

Tags: kubernetes, penetration-testing

First seen on scworld.com Jump to article: www.scworld.com/brief/horizon3-launches-nodezero-kubernetes-pentesting
Stay on kOps or Move to EKS? 6 Reasons Tech Leaders May Want to Switch

Jan 10, 2025 9:20 AM

Tags: cloud, container, docker, google, ibm, kubernetes, microsoft, service, switch, technology
Key trends for Kubernetes security in 2024

Jan 7, 2025 10:18 PM

Tags: kubernetes

First seen on scworld.com Jump to article: www.scworld.com/brief/key-trends-for-kubernetes-security-in-2024
Agents, Robotics, and Auth Oh My! – Impart Security

Jan 7, 2025 5:18 PM

Tags: access, ai, api, attack, automation, awareness, backdoor, breach, chatgpt, cloud, conference, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, ddos, deep-fake, defense, detection, email, exploit, finance, firewall, fraud, healthcare, incident response, infrastructure, intelligence, kubernetes, LLM, malicious, malware, mitigation, network, offense, password, phishing, risk, saas, scam, security-incident, service, social-engineering, software, strategy, supply-chain, technology, threat, unauthorized, update, vulnerability, waf

Agents, Robotics, and Auth – Oh My! Introduction 2025 will be the year of the futurist. I never thought that I’d be writing a blog post about AI and robotics at this point in my career, but technology has advanced so much in the lat 12 months setting up 2025 to be a landmark year…
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation

Dec 31, 2024 7:27 AM

Tags: access, apache, cybersecurity, data, exploit, flaw, kubernetes, malware, microsoft

Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment.”Exploiting these flaws could allow attackers to gain persistent access as shadow administrators First seen on thehackernews.com…
The Top 5 Kubernetes CVEs of 2024: Have You Patched Them Yet?

Dec 23, 2024 8:42 PM

Tags: api, attack, cve, kubernetes, update, vulnerability
Impart is now available in the AWS Marketplace – Impart Security

Dec 21, 2024 12:43 AM

Tags: api, attack, data, detection, fraud, infrastructure, injection, kubernetes, marketplace, metric, monitoring, risk, service, strategy, threat, tool, update, waf

Today, we are thrilled to announce that Impart is now available in the AWS Marketplace. More Streamlined Contracting AWS customers with existing spend commitments can apply their Impart purchase toward their AWS commitment. This availability simplifies the buying process with streamlined contractual and legal terms, enabling faster procurement. Product Benefits AWS customers can now more easily purchase…
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight

Dec 20, 2024 4:46 PM

Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, update

Check out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
Kubernetes Secrets: How to Create and Use Them

Dec 19, 2024 8:43 PM

Tags: api, container, data, kubernetes, password, risk
When Why to Hand Over the Keys to Your Kubernetes Infrastructure

Dec 17, 2024 5:42 AM

Tags: cloud, container, infrastructure, kubernetes, service
EDR-Software ein Kaufratgeber

Dec 10, 2024 6:07 AM

Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day
Kubernetes 1.32 A Security Perspective

Dec 9, 2024 1:07 PM

Tags: authentication, kubernetes

Kubernetes continues to evolve its security posture with version 1.32, introducing several significant improvements in authentication, authorization, and First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/kubernetes-1-32-a-security-perspective/
Five ways to tighten up Kubernetes security

Dec 3, 2024 9:48 PM

Tags: kubernetes

First seen on scworld.com Jump to article: www.scworld.com/perspective/five-ways-to-tighten-up-kubernetes-security
Kubernetes-Storage: Portworx by Pure Storage benennt wichtige Trends

Dec 1, 2024 8:28 PM

Tags: kubernetes, service

Mit Portworx können Unternehmen ihren Entwicklern ein Self-Service-Erlebnis bieten, während sie gleichzeitig die Verschwendung von GPU-Ressourcen verm… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kubernetes-storage-portworx-by-pure-storage-benennt-wichtige-trends/a36885/
Veeam verbessert die Kubernetes-native Datensicherung mit Kasten V7.0

Dec 1, 2024 7:27 PM

Tags: cyber, kubernetes, resilience, veeam

Mit seinem Schwerpunkt auf Cyber-Resilienz und der Erfüllung von Unternehmensanforderungen stellt Veeam Kasten V7.0 strenge, standardkonforme Sicherhe… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/veeam-verbessert-die-kubernetes-native-datensicherung-mit-kasten-v7-0/a37291/
Dynatrace präsentiert Observability-gesteuertes Kubernetes Security Posture Management

Dec 1, 2024 6:27 PM

Tags: kubernetes, risk

Die neue KSPM-Lösung von Dynatrace ermöglicht es Teams zusammen mit den bestehenden RVA- und RAP-Funktionen der Plattform, Risiken in ihren Kubernetes… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/dynatrace-praesentiert-observability-gesteuertes-kubernetes-security-posture-management/a37417/
Portworx by Pure Storage erläutert Best Practices für Kubernetes-Storage

Dec 1, 2024 4:26 PM

Tags: best-practice, kubernetes

Kubernetes ist extrem leistungsfähig bei der Orchestrierung und Verwaltung von Tausenden von containerisierten Anwendungen. Die Speicherung in Kuberne… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/portworx-by-pure-storage-erlaeutert-best-practices-fuer-kubernetes-storage/a38172/
Keep Hackers Out of Your Kubernetes Cluster with These 5 Simple Tricks!

Dec 1, 2024 4:20 AM

Tags: hacker, kubernetes

First seen on tldrsec.com Jump to article: tldrsec.com/p/kubernetes-security-threat-informed-defense
Zero Trust Access to Kubernetes

Dec 1, 2024 2:19 AM

Tags: access, cloud, infrastructure, kubernetes, zero-trust

Overthe past few years, Kudelski Security’s engineering team has prioritized migrating our infrastructure to multi-cloud environments. Our internal cl… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2021/12/14/zero-trust-access-to-kubernetes/
Kubernetes Image Builder Vulnerabilities

Dec 1, 2024 1:19 AM

Tags: cve, kubernetes, vulnerability

Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (CVSS 6.3), that impact the Kubernetes Image Builder. T… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/10/17/kubernetes-image-builder-vulnerabilities/
AWS re:Invent 2024: Optimize Your Kubernetes with Fairwinds and NetApp

Nov 27, 2024 12:12 AM

Tags: cloud, control, infrastructure, kubernetes, service
GitLab Patches Critical Flaws Leads to Unauthorized Access to Kubernetes Cluster

Nov 14, 2024 9:53 AM

Tags: access, cyber, flaw, gitlab, kubernetes, unauthorized, update, vulnerability

GitLab has rolled out critical security updates to address multiple vulnerabilities in its Community Edition (CE) and Enterprise Edition (EE), fixing issues that could lead to unauthorized access to Kubernetes clusters and other potential exploits. The latest patch versions, 17.5.2, 17.4.4, and 17.3.7, are now available, and GitLab strongly urges all self-managed users to upgrade…
Critical default credential in Kubernetes Image Builder allows SSH root access

Nov 13, 2024 7:50 PM

Tags: access, credentials, kubernetes

First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/critical_kubernetes_image_builder_bug/
Managed Kubernetes-as-a-Service: A Force Multiplier for Your Tech Team

Nov 13, 2024 6:53 PM

Tags: business, container, infrastructure, kubernetes, service
ARMO selected by Orange Business to Secure its Managed Kubernetes Services

Nov 12, 2024 8:04 PM

Tags: business, kubernetes, service

We’re honored to share a new partnership with Orange Business (Norway), a global leader in digital services. ARMO First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/armo-selected-by-orange-business-to-secure-its-managed-kubernetes-services/
A Critical Guide to Securing Large Language Models

Nov 7, 2024 2:03 PM

Tags: access, ai, best-practice, business, cloud, compliance, control, data, encryption, google, guide, infrastructure, intelligence, kubernetes, LLM, microsoft, network, saas, service, software, strategy, unauthorized, update, vmware

A Critical Guide to Securing Large Language Models madhav Thu, 11/07/2024 – 06:25 Securing large language models (LLMs) presents unique challenges due to their complexity, scale, and data interactions. Before we dive into securing them, let’s touch on the basics. What are LLMs? LLMs are Large Language Models that are advanced artificial intelligence systems designed…
Unbefugter Zugriff auf die VMs möglich – Kubernetes erstellt gefährdete VM-Images

Nov 4, 2024 7:56 AM

Tags: access, kubernetes

First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-kubernetes-virtuelle-maschinen-bedroht-a-de45ab5766a26b886d689ce52f6d69e5/
Runtime context: the missing piece in Kubernetes security

Oct 31, 2024 3:56 PM

Tags: kubernetes

First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/runtime-context-the-missing-piece-in-kubernetes-security/
How isolation technologies are shaping the future of Kubernetes security

Oct 30, 2024 5:56 AM

Tags: ceo, kubernetes, vulnerability

In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigati… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/28/emily-long-edera-kubernetes-clusters-security/