all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining

Add to bookmarks
April 21, 2023, 1:26 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners.
"The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack," cloud security firm Aqua said in a report shared with The Hacker News. The Israeli company, which dubbed the attack

access access control aqua attack attackers backdoors campaign cloud cloud security clusters control cryptocurrency cryptocurrency mining exploited exploiting hacker hijack israeli k8s kubernetes large miners mining rbac report resources role role-based access control run scale security

Visit resource

More from thehackernews.com / The Hacker News

U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 3 hours ago | thehackernews.com
address ai risks ai security artificial +16
Considerations for Operational Technology Cybersecurity 3 hours ago | thehackernews.com
change control cybersecurity devices +18
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 8 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 20 hours ago | thehackernews.com
access accounts address android +20
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale 1 day ago | thehackernews.com
actor china cloud cloud security +22
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM 1 day, 3 hours ago | thehackernews.com
adoption attackers challenge cyber +21
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks 1 day, 3 hours ago | thehackernews.com
actor attacks code code execution +22
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover 1 day, 4 hours ago | thehackernews.com
access adversary code code execution +18
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks 2 days ago | thehackernews.com
access access management attacks availability +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer

@ Commit | San Francisco
View on infosec-jobs.com

Trainee (m/w/d) Security Engineering CTO Taskforce Team

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Security Engineer

@ EY | Nicosia, CY, 1087
View on infosec-jobs.com

Information System Security Officer (ISSO) Level 3-COMM Job#455

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Application Security Engineer

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs