A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.
Follow Dark Reading:
 December 27, 2022
LATEST SECURITY NEWS & COMMENTARY
Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes
A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.
Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs
Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.
Google: With Cloud Comes APIs & Security Headaches
APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.
LastPass Cops to Massive Breach Including Customer Vault Data
The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Security on a Shoestring? Cloud, Consolidation Best Bets for Businesses
With a recession potentially coming, some companies are cutting security teams. But moving more infrastructure to the cloud and reducing the number of vendors through consolidation may be the best ways to prepare.

Threat Modeling in the Age of OpenAI's Chatbot
New technical chatbot capabilities raise the promise that their help in threat modeling could free humans for more interesting work.

Ransomware Attackers Bypass Microsoft's ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.

MORE
EDITORS' CHOICE
Google WordPress Plug-in Bug Allows AWS Metadata Theft
A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.
LATEST FROM THE EDGE

Give Yourself the Gift of Secure Holiday E-Commerce
Automating your defenses can bring good tidings of great joy.
LATEST FROM DR TECHNOLOGY

How to Run Kubernetes More Securely
The open source container tool is quite popular among developers — and threat actors. Here are a few ways DevOps teams can take control.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Passwordless Authentication Market to Be Worth $55.7 Billion by 2030: Grand View Research, Inc.
Trend Micro Joins Google’s App Defense Alliance
Kaspersky Research Finds Reverse Engineering Is the Most On-Demand Skill Among InfoSec Specialists
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us