Exploiting Kubernetes through Operator Injection | allinfosecnews.com

Feb. 13, 2024, 7:24 p.m. | Thomas Tan

Security Boulevard securityboulevard.com

Intro The Kubernetes documentation describes operators as “software extensions to Kubernetes that use custom resources to manage applications and their components.” These operators automate application resource deployment and management with custom controllers tied to one or more custom resource definitions. Custom controllers create bespoke attack surfaces that attackers can target when they can control custom resource data. […]

The post Exploiting Kubernetes through Operator Injection appeared first on Praetorian.

The post Exploiting Kubernetes through Operator Injection appeared first on …

application applications attack attackers attack surfaces can components control controllers definitions deployment documentation exploiting extensions injection kubernetes manage management operators resource resources software target vulnerabilities vulnerability research

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Intender: Fuzzing Intent-Based Networking with Intent-State Transition Guidance 20 hours ago | securityboulevard.com

access authors channel conference +20

What is an IS (RBI) Audit? 1 day, 4 hours ago | securityboulevard.com

address audit banking banks +27

Understanding Credential Phishing 1 day, 11 hours ago | securityboulevard.com

attackers breach breaches ceo +23

Adaptive DDoS Defense’s Value in the Security Ecosystem 1 day, 12 hours ago | securityboulevard.com

adaptive ddos analytics & intelligence and response attack +24

Understanding Business Email Compromise (BEC) 1 day, 12 hours ago | securityboulevard.com

attackers attacks bec business +17

Risk vs. Threat vs. Vulnerability: What is the difference? 1 day, 14 hours ago | securityboulevard.com

ciso suite click cyber lingo cyber security risks +11

Compromising ByteDance’s Rspack using GitHub Actions Vulnerabilities 1 day, 14 hours ago | securityboulevard.com

actions attacker bytedance bytedance rspack +16

Impart Security: Leading the Charge in API Security with SOC 2 Type 2 Certification | … 1 day, 15 hours ago | securityboulevard.com

api api security certification charge +7

Senator Calls for FTC, SEC Probe Into UnitedHealth’s ‘Negligence’ in Breach 1 day, 15 hours ago | securityboulevard.com

attack board breach ceo +30

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com