all InfoSec news
Attacker persistence in Kubernetes using the TokenRequest API: Overview, detection, and prevention
Dec. 1, 2022, midnight |
Datadog Security Labs securitylabs.datadoghq.com
One common way for users to authenticate to Kubernetes clusters is through an API that issues JSON Web Token (JWTs). These tokens can be used to identify a Kubernetes user or service account and grant them access to the environment. While this isn’t a new feature, Kubernetes 1.24 added a command that allows users to create these tokens more easily using the TokenRequest API.
Unfortunately, attackers can abuse this feature to create long-lived and hard-to-detect privileged access to …
More from securitylabs.datadoghq.com / Datadog Security Labs
An analysis of a TeamTNT doppelgänger
1 month, 3 weeks ago |
securitylabs.datadoghq.com
Highlights from Datadog Security Labs in 2023
2 months, 3 weeks ago |
securitylabs.datadoghq.com
Kubernetes security fundamentals: API Security
3 months, 3 weeks ago |
securitylabs.datadoghq.com
Jobs in InfoSec / Cybersecurity
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Azure Security Architect
@ First Quality | Remote US - Eastern or Central Timezone
Staff Security Researcher (Network Protocols)
@ Palo Alto Networks | Santa Clara, CA, United States
Senior Product Manager - Endpoint Security
@ Ivanti | Bengaluru, India
Penetration Tester
@ Lostar | İstanbul, Türkiye