Hacking Pickleball
2023-04-21 18:11

Some might consider these actions cheating, while the acting player would argue that there was no rule that said the action couldn't be performed. How do we address these situations, and close those loopholes? We make new rules that specifically address the loophole action.

GhostToken GCP flaw let attackers backdoor Google accounts
2023-04-21 17:50

Google has addressed a Cloud Platform security vulnerability impacting all users and allowing attackers to backdoor their accounts using malicious OAuth applications installed from the Google Marketplace or third-party providers. Named GhostToken by Astrix Security, the Israeli cybersecurity startup that found and reported it to Google in June 2022, this security flaw was addressed via a global patch that rolled out in early April 2023.

Kubernetes RBAC abused to create persistent cluster backdoors
2023-04-21 15:35

Hackers use a novel method involving RBAC to create persistent backdoor accounts on Kubernetes clusters and hijack their resources for Monero crypto-mining. RBAC is a Kubernetes API access control system allowing admins to define which users or service accounts can access API resources and operations.

DevSecOps: AI is reshaping developer roles, but it’s not all smooth sailing
2023-04-21 15:21

A growing reliance on AI and ML: among the key findings in GitLab's report was the fact that AI/ML adoption in software development and security workflows continues to accelerate, with 62% of software developers using AI/ML to check code (up from 51% in 2022), while 53% are using bots in the testing process, compared to 39% last year. In GitLab's 2022 Global DevSecOps Report, 54% of security respondents said they used two to five tools in their workflow, while 35% reported using six to 10; in 2023, these figures were 42% and 43%, respectively.

Using the iPhone Recovery Key to Lock Owners Out of Their iPhones
2023-04-21 14:19

Apple introduced the optional recovery key in 2020 to protect users from online hackers. iPhone thieves with your passcode can flip on the recovery key and lock you out.

American Bar Association data breach hits 1.4 million members
2023-04-21 13:56

The American Bar Association has suffered a data breach after hackers compromised its network and gained access to older credentials for 1,466,000 members. The ABA is the largest association of lawyers and legal professionals globally, with 166,000 members as of 2022.

Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
2023-04-21 13:26

A large-scale attack campaign discovered in the wild has been exploiting Kubernetes Role-Based Access Control to create backdoors and run cryptocurrency miners. The Israeli company, which dubbed the attack RBAC Buster, said it found 60 exposed K8s clusters that have been exploited by the threat actor behind this campaign.

GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
2023-04-21 12:13

Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform that could have enabled threat actors to conceal an unremovable, malicious application inside a victim's Google account. "The vulnerability allows attackers to gain permanent and unremovable access to a victim's Google account by converting an already authorized third-party application into a malicious trojan app, leaving the victim's personal data exposed forever," Astrix said in a report.

14 Kubernetes and Cloud Security Challenges and How to Solve Them
2023-04-21 11:50

These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets. In response, Uptycs, the first unified CNAPP and XDR platform, released a whitepaper, "14 Kubernetes and Cloud Security Predictions for 2023 and How Uptycs Meets Them Head-On" addressing the most pressing challenges and trends in Kubernetes and cloud security for 2023.

International cops urge Meta not to implement secure encryption for all
2023-04-21 10:28

An international group of law enforcement agencies is urging Meta not to standardize end-to-end encryption on Facebook Messenger and Instagram, which they say will harm their ability to fight child sexual abuse material online. "The VGT has not yet seen any indication from META that any new safety systems implemented post-E2EE will effectively match or improve their current detection methods," the taskforce said.