Security News
The Wazuh open source platform plays a critical role in monitoring Kubernetes and other components of an organization's infrastructure. Kubernetes is an open source container management solution that automates the deployment and scaling of containers and also manages the life cycle of containers.
The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. "Recently, we identified a widespread campaign of Kinsing that targeted vulnerable versions of WebLogic servers," reads a report by Microsoft security researcher Sunders Bruskin.
The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. Kinsing has a storied history of targeting containerized environments, often leveraging misconfigured open Docker daemon API ports as well as abusing newly disclosed exploits to drop cryptocurrency mining software.
As companies shift to Kubernetes, security must be considered throughout the entire data lifecycle. IT teams constantly face potential data breaches, delays, and inadequate security features that cannot easily be fixed: 94% of DevOps professionals experienced at least one Kubernetes security incident in the past year. As Kubernetes poses unique and complex challenges that leave many exposed to outside threats, developers must work to ensure their applications are safeguarded from outside risks.
Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed. In a survey of The State of Kubernetes Open Source Security, 55% of respondents said they used at least some open source tools to keep their Kubernetes clusters safe; this includes those who use purely open source tools and those who mix open source and proprietary solutions.
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured Docker and Kubernetes instances.
Cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those certificates. Cert-manager is an open-source project that automates the issuance and renewal of X.509 certificates for cloud-native Kubernetes or OpenShift environments.
Confidential Computing is a hardware-based technology that shields computer workloads from their environments and keeps data encrypted during processing. In this Help Net Security video, Felix Schuster, CEO at Edgeless Systems, talks about the open-source release of Constellation.
Red Hat is backing a Cloud Native Computing Foundation project that aims to improve the security of containers in Kubernetes clusters by running them inside hardware-enforced enclaves. A company blog post says Red Hat is investing in Confidential Containers, which is a relatively new project from the CNCF-backed Confidential Computing Consortium.
As part of digital transformation, more and more organizations are transforming their applications using cloud-native architecture to become more agile and accelerate time to market. They are increasingly adopting containers and Kubernetes to do so.