A security issue was discovered in the kube-apiserver that could enable a privilege escalation from a compromised node.
Two security issues were discovered in Kubernetes and disclosed on March 23, 2020 that could lead to a recoverable denial of service in a Kubernetes cluster.
In the security world, one of the most established methods to identify that a system was compromised, abused or mis-configured is to collect logs of all the activity performed by the system’s users and automated services, and to analyze these logs.
Tunneling is the practice of embedding messages of one network protocol within messages of a different network protocol. In a security context, tunneling is a way for an attacker to bypass security boundaries like the perimeter firewall of a cloud deployment by encapsulating malicious traffic within permitted traffic. This blog explores the challenges of detecting DNS tunneling, and offers a solution to how you can detect a DNS tunneling attack on you cloud environments.