Security News

The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. Kinsing has a storied history of targeting containerized environments, often leveraging misconfigured open Docker daemon API ports as well as abusing newly disclosed exploits to drop cryptocurrency mining software.

As companies undergo the shift to Kubernetes, security must be considered throughout the entire data lifecycle for IT teams who are constantly facing potential data breaches, delays, and inadequate security features that cannot easily be fixed: 94% of DevOps professionals experienced at least one Kubernetes security incident in the past year. As Kubernetes poses unique and complex challenges that leave many exposed to outside threats, developers must work to ensure their applications are safeguarded from outside risks.

Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed. In a survey of The State of Kubernetes Open Source Security, 55% of respondents said they used at least some open source tools to keep their Kubernetes clusters safe; this includes those who use purely open source and those mix open source and proprietary solutions.

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured Docker and Kubernetes instances.

Cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those certificates. Cert-manager is an open-source project that automates the issuance and renewal of X.509 certificates for cloud-native Kubernetes or OpenShift environments.

Confidential Computing is a hardware-based technology that shields computer workloads from their environments and keeps data encrypted during processing. In this Help Net Security video, Felix Schuster, CEO at Edgeless Systems, talks about the open-source release of Constellation.

Red Hat is backing a Cloud Native Computing Foundation project that aims to improve the security of containers in Kubernetes clusters by running them inside hardware-enforced enclaves. A company blog post says Red Hat is investing in Confidential Containers, which is a relatively new project from the CNCF-backed Confidential Computing Consortium.

As part of digital transformation, more and more organizations are transforming their application using cloud native architecture to become more agile and accelerate time to market. They are increasingly adopting containers and Kubernetes to do so.

Every organization should have a business continuity plan, and a key component of your business continuity policy should be regional disaster recovery, which places a secondary IT environment far enough away from your primary site that it won't be affected by the same disaster. Why you should meet regional recovery needs with Kubernetes.

Kubernetes is delivering business value and is set to win an increasing share of production workloads, with almost all respondents to a Dimensional Research study saying they plan to scale and diversify their Kubernetes infrastructures in some way in the coming year. With growth comes increased complexity, and already those respondents that have the most extensive use of Kubernetes - with more clusters and more distributions, across more environments such as edge and with more software elements in their 'stack' such as monitoring, security, ingress or service mesh - are experiencing more significant challenges.