all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Kubernetes Privilege Escalation: Container Escape == Cluster Admin?

Add to bookmarks
Nov. 28, 2022, 6:56 p.m. | Black Hat

Black Hat www.youtube.com

In this talk, Yuval and Shaul will reveal the powerful system pods quietly installed by popular Kubernetes platforms. They'll show how attackers may abuse these pods, and demo new privilege escalation techniques. Covering managed Kubernetes services and common open-source add-ons, they'll demonstrate how on the most popular platforms today - a single container escape is often enough to take over the entire cluster.

Looking ahead, they'll present tools that flush out powerful pods and identify privilege escalation paths in a …

cluster container container escape escalation escape kubernetes privilege privilege escalation

Visit resource

More from www.youtube.com / Black Hat

Startup Spotlight Competition at Black Hat 4 days, 17 hours ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 3 weeks, 2 days ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 3 weeks, 2 days ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 3 weeks, 2 days ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 3 weeks, 3 days ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 3 weeks, 3 days ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 4 weeks ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 4 weeks ago | www.youtube.com
analysis ask bad codeql +10
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 4 weeks, 1 day ago | www.youtube.com
attacks call cloudflare detection +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US
View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site
View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1
View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States
View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote
View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON
View on infosec-jobs.com
View more jobs