Security News

Microsoft warns of an ongoing series of attacks compromising Kubernetes clusters running Kubeflow machine learning instances to deploy malicious containers that mine for Monero and Ethereum cryptocurrency. The attacks had started towards the end of May when Microsoft security researchers observed a sudden increase in TensorFlow machine learning pod deployments.

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. "The burst of deployments on the various clusters was simultaneous. This indicates that the attackers scanned those clusters in advance and maintained a list of potential targets, which were later attacked on the same time," Microsoft's Senior Security Research Engineer Yossi Weizman said in a report.

A reverse engineer has discovered what is claimed to be "The first known malware targeting Windows containers to compromise cloud environments," a sentence to put any system administrator on edge. Building on work published in December of last year on reverse-engineering Windows containers, security researcher Daniel Prizmant's latest discovery - made during his day job at Palo Alto Networks' Unit 42 security arm - looks to punch holes in Kubernetes clusters, and has apparently succeeded in doing so across at least 23 known targets.

Windows containers have been victimized for over a year by the first known malware to target Windows containers. In a post published on Monday, Prizmant wrote that Siloscape is heavily obfuscated malware targeting Kubernetes clusters through Windows containers, with the main purpose of opening "a backdoor into poorly configured Kubernetes clusters in order to run malicious containers."

New malware active for more than a year is compromising Windows containers to compromise Kubernetes clusters with the end goal of backdooring them and paving the way for attackers to abuse them in other malicious activities. It organizes app containers into pods, nodes, and clusters, with multiple nodes forming clusters managed by a master which coordinates cluster-related tasks such as scaling or updating apps.

KubeSphere Community announced the general availability of KubeSphere 3.1.0. KubeSphere, as an app-centric distributed operating system running on top of Kubernetes, has further expanded its portfolio to deliver more robust experiences for users across the globe, enabling DevOps teams to run Kubernetes workloads where and when they want with ease and security.

This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchical security design that can achieve your enterprise security and compliance requirements, then define your label standard in alignment with your design.

Confluent announced Confluent for Kubernetes, a platform purpose-built to bring cloud-native capabilities to data streams in private infrastructures. To make it easier and faster to harness the value of data in motion across an entire organization, Confluent drew on its expertise managing thousands of Apache Kafka clusters in Confluent Cloud to offer the same cloud-native experience for on-premises environments.

A session on how to hack into a Kubernetes cluster was among the highlights of a Kubecon where the main events were generally bland and corporate affairs, perhaps indicative of the technology now being a de facto infrastructure standard among enterprises. Kubernetes is huge, and if there was an underlying theme at the event it was that Kubernetes is becoming the standard runtime platform.

Portworx released findings from its survey which assesses the mass adoption and evolution of Kubernetes usage among enterprise users in the last 12 months, in addition to the impact of the pandemic on IT users' attitudes towards their jobs. The survey found that 68 percent of IT professionals said they increased their usage of Kubernetes as a result of the pandemic, primarily to accelerate their deployment of new applications and increase their use of automation - both of which are critical to meeting customers and employees where they are today.