all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How the Sys:All Loophole Allowed Us to Penetrate GKE Clusters in Production

Add to bookmarks
c
March 21, 2024, 5:11 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Orca Security. Written by Ofir Yakobi. Following our discovery of a critical loophole in Google Kubernetes Engine (GKE) dubbed Sys:All, we decided to conduct research into the real-world impacts of this issue. Our initial probe already revealed over a thousand vulnerable GKE clusters due to admins configuring RBAC bindings making the system:authenticated group overprivileged, which could potentially allow any Google account holder to access and control these clusters.G...

clusters critical discovery engine gke google google kubernetes engine issue kubernetes orca orca security probe production real research security vulnerable world written

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
CISOs, AI, and OT: A Balancing Act Between Innovation and Protection 1 day, 21 hours ago | cloudsecurityalliance.org
act balancing act ben ciso +19
Cl
Microsoft Copilot for Security: Everything You Need to Know 2 days, 16 hours ago | cloudsecurityalliance.org
ai-powered copilot copilot for security cybersecurity +17
Cl
Navigating the Cloud – Beyond “Best Practices” 3 days, 23 hours ago | cloudsecurityalliance.org
architectures best practices beyond businesses +17
Cl
Defining Cloud Key Management: 7 Essential Terms 1 week, 2 days ago | cloudsecurityalliance.org
access access control breaches cloud +26
Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 1 week, 3 days ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 1 week, 3 days ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 1 week, 3 days ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 1 week, 3 days ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Post-Quantum Preparedness 1 week, 3 days ago | cloudsecurityalliance.org
availability change code computers +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs