Kubernetes - Security Ticks

Kanister: Open-source data protection workflow management tool

Cloud Native Computing Foundation, Data Protection, Don't miss, GitHub, Kubernetes, News, open source, software / SecurityTicks

Kanister: Open-source data protection workflow management tool 2025-06-26 at 08:04 By Help Net Security Kanister is an open-source tool that lets domain experts define how to manage application data using blueprints that are easy to share and update. It handles the complex parts of running these tasks on Kubernetes and gives a consistent way to […]

React to this headline:

Kanister: Open-source data protection workflow management tool Read More »

AWS launches new cloud security features

account protection, AWS, cloud security, DDoS, Don't miss, Hot stuff, Kubernetes, MFA, News / SecurityTicks

AWS launches new cloud security features 2025-06-18 at 17:59 By Zeljka Zorz Amazon Web Services has announced new and improved security features at its annual AWS re:Inforce cloud security conference. The company has also introduced features aimed at speeding up backup recovery, and has announced the completion of its push to protect all AWS root

React to this headline:

AWS launches new cloud security features Read More »

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security

containers, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Kubernetes, News, opinion, Rootly / SecurityTicks

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security 2025-06-18 at 09:02 By Help Net Security As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated CNCF Cilium and its sub-project Tetragon, combined with Software Bills of

React to this headline:

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security Read More »

Containers are just processes: The illusion of namespace security

containers, cybersecurity, Don't miss, Edera, Expert analysis, Expert corner, Hot stuff, Kubernetes, Linux, News, open source, opinion / SecurityTicks

Containers are just processes: The illusion of namespace security 2025-05-20 at 08:31 By Help Net Security In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and faster security improvements, making OSS often more secure than proprietary code.

React to this headline:

Containers are just processes: The illusion of namespace security Read More »

Kubernetes has grown up: From testbed to critical infrastructure

Kubernetes, News, SUSE, Video / SecurityTicks

Kubernetes has grown up: From testbed to critical infrastructure 2025-05-15 at 08:02 By Help Net Security In this Help Net Security video, Divya Mohan, Principal Technology Advocate at SUSE, discusses how Kubernetes has firmly transitioned from an emerging technology into a core part of enterprise production environments. A new survey from SUSE highlights the latest

React to this headline:

Kubernetes has grown up: From testbed to critical infrastructure Read More »

Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations

Apache Pinot, cloud security, exploited, Kubernetes / SecurityTicks

Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations 2025-05-06 at 14:17 By Eduard Kovacs Misconfigured Apache Pinot instances can and have enabled threat actors to gain access to sensitive information. The post Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations Read More »

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation

Chainguard, containers, Funding/M&A, Kleiner Perkins, Kubernetes, open source, supply chain, Supply Chain Security / SecurityTicks

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation 2025-04-23 at 17:20 By Ryan Naraine The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion. The post Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation appeared first on SecurityWeek. This

React to this headline:

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation Read More »

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover

AWS, containers, Don't miss, Google, Hot stuff, Kubernetes, News, vulnerability, Wiz / SecurityTicks

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover 2025-03-25 at 18:54 By Zeljka Zorz Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering

React to this headline:

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover Read More »

IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking

cloud security, Featured, IngressNightmare, Kubernetes, Vulnerabilities / SecurityTicks

IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking 2025-03-25 at 12:17 By Eduard Kovacs Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes. The post IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking Read More »

Edera Banks $15M for Kubernetes Workload Isolation Tech

Chainguard, cloud security, container, Edera, Kubernetes, M12, Malware & Threats, Series A / SecurityTicks

Edera Banks $15M for Kubernetes Workload Isolation Tech 2025-02-25 at 16:53 By Ryan Naraine Seattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors. The post Edera Banks $15M for Kubernetes Workload Isolation Tech appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Edera Banks $15M for Kubernetes Workload Isolation Tech Read More »

Am I Isolated: Open-source container security benchmark

containers, Don't miss, Edera, GitHub, Hot stuff, Kubernetes, News, open source, software / SecurityTicks

Am I Isolated: Open-source container security benchmark 2024-11-08 at 07:30 By Mirko Zorz Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isolation. It also provides guidance to improve users’

React to this headline:

Am I Isolated: Open-source container security benchmark Read More »

How isolation technologies are shaping the future of Kubernetes security

containers, cybersecurity, Don't miss, Edera, Features, Hot stuff, Kubernetes, News, opinion, regulation / SecurityTicks

How isolation technologies are shaping the future of Kubernetes security 2024-10-28 at 08:01 By Mirko Zorz In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long shares insights on emerging isolation technologies that could enhance Kubernetes security and better protect containerized

React to this headline:

How isolation technologies are shaping the future of Kubernetes security Read More »

Strengthening Kubernetes security posture with these essential steps

containers, cybersecurity, Don't miss, Features, Hot stuff, Kubernetes, News, open source, opinion, SparkFabrik, strategy, vulnerability management / SecurityTicks

Strengthening Kubernetes security posture with these essential steps 2024-10-16 at 07:01 By Mirko Zorz In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through deployment. He focuses on best practices, automation, and continuous monitoring. Many security risks in Kubernetes originate from vulnerable container images.

React to this headline:

Strengthening Kubernetes security posture with these essential steps Read More »

Kubernetes Container Isolation Startup Edera Raises $5 Million

container, Cybersecurity Funding, funding, Kubernetes / SecurityTicks

Kubernetes Container Isolation Startup Edera Raises $5 Million 2024-09-20 at 15:01 By Ionut Arghire Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads. The post Kubernetes Container Isolation Startup Edera Raises $5 Million appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Kubernetes Container Isolation Startup Edera Raises $5 Million Read More »

Azure Kubernetes Services Vulnerability Exposed Sensitive Information

Azure, Cloud, cloud security, Kubernetes / SecurityTicks

Azure Kubernetes Services Vulnerability Exposed Sensitive Information 2024-08-21 at 14:46 By Ionut Arghire A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters. The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Azure Kubernetes Services Vulnerability Exposed Sensitive Information Read More »

Portainer: Open-source Docker and Kubernetes management

containers, Docker, GitHub, Kubernetes, News, open source, software / SecurityTicks

Portainer: Open-source Docker and Kubernetes management 2024-07-01 at 07:32 By Mirko Zorz Portainer Community Edition is an open-source, lightweight service delivery platform for containerized applications. It enables the management of Docker, Swarm, Kubernetes, and ACI environments. It provides a smart GUI and a comprehensive API to manage your orchestrator resources, including containers, images, volumes, networks,

React to this headline:

Portainer: Open-source Docker and Kubernetes management Read More »

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining

exploited, Kubernetes, Malware & Threats, OpenMetadata / SecurityTicks

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining 2024-04-19 at 13:01 By Eduard Kovacs Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. The post OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining Read More »

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers

cloud security, CVE-2024-29990, Kubernetes, Microsoft, Patch Tuesday, Vulnerabilities / SecurityTicks

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers 2024-04-09 at 22:02 By Ryan Naraine Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters. The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Read More »

Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints

cloud security, Kubernetes, Vulnerabilities / SecurityTicks

Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints 2024-03-14 at 14:01 By Ionut Arghire A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints. The post Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints Read More »

Orca Flags Dangerous Google Kubernetes Engine Misconfiguration

cloud security, GKE, Google Chrome, Kubernetes, Orca Security, Vulnerabilities / SecurityTicks

Orca Flags Dangerous Google Kubernetes Engine Misconfiguration 2024-01-24 at 17:48 By Ionut Arghire Attackers could take over a Kubernetes cluster if access privileges are granted to all authenticated users in Google Kubernetes Engine. The post Orca Flags Dangerous Google Kubernetes Engine Misconfiguration appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Orca Flags Dangerous Google Kubernetes Engine Misconfiguration Read More »