Threat Post

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit. A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under ...
Threat Post

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise

A chain of exploits could allow a malicious Azure user to infiltrate other customers’ cloud instances within Microsoft’s container-as-a-service offering. A critical security vulnerability allowing ...
InfoQ

Ambassador: Building a Control Plane for an Envoy-Powered API Gateway on Kubernetes

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Dark Reading

6 Best Practices to Ensure Kubernetes Security Meets Compliance Regulations

Businesses are moving fast to modernize application development, but Kubernetes security has taken a back seat in many cases. While that deprioritization is increasingly risky, security strategies to ...
Infosecurity-magazine.com

#HowTo: Implement Continuous Compliance for Kubernetes

To meet the increasingly strict security guidelines of regulations like SOC 2, PCI DSS, GDPR, HIPAA and others, the highly dynamic nature of Kubernetes environments requires a carefully planned – and ...
Dark Reading

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

A high-severity security vulnerability in the Kyverno admission controller for container images could allow malicious actors to import a raft of nefarious code into cloud production environments. The ...