Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Azure Kubernetes Service (AKS) Threat Hunting

As more businesses shift away from running workloads on dedicated virtual machines to running them inside containers using workload orchestrators like Kubernetes, adversaries have become more interested in them as targets. Moreover, the benefits Kubernetes provides for managing workloads are also extended to adversaries. As adversaries leverage Kubernetes to run their workloads, their understanding of how these platforms work and can be exploited increases.

msrc-blog
Open in Source
#mac#kubernetes
Configuring host-level audit logging for AKS VMSS

This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service (AKS) Virtual Machine Scale Set (VMSS) using the Linux auditing subsystem, also known as auditd. Warning The information provided below is accurate as of the release date of this blog post (2023-03) and guidance may change in future.

Hoxhunt Launches Human Risk Management Platform

Platform uniquely designed to facilitate automated compliance, security behavior change.

LastPass DevOps Engineer Targeted for Cloud Decryption Keys in Latest Breach Revelation

The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says.

GHSA-pfvh-p8qp-9ww9: Gogs OS Command Injection vulnerability

### Impact The malicious user is able to update a crafted `config` file into repository's `.git` directory in combination with crafted file deletion to gain SSH access to the server on case-insensitive file systems. All installations with [repository upload enabled (default)](https://github.com/gogs/gogs/blob/f36eeedbf89328ee70cc3a2e239f6314f9021f58/conf/app.ini#L127-L129) on case-insensitive file systems (Windows, macOS, etc.) are affected. ### Patches Make sanitization of upload path to `.git` directory to be case-insensitive. Users should upgrade to 0.12.11 or the latest 0.13.0+dev. ### Workarounds Disable [repository upload](https://github.com/gogs/gogs/blob/f36eeedbf89328ee70cc3a2e239f6314f9021f58/conf/app.ini#L127-L129). ### References https://huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97/ ### For more information If you have any questions or comments about this advisory, please post on https://github.com/gogs/gogs/issues/7030.

Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist

The opportunistic "SCARLETEEL" attack on a firm's Amazon Web Services account turns into targeted data theft after the intruder uses an overpermissioned service to jump into cloud system.

Osprey Pump Controller 1.0.1 Cross Site Request Forgery

Osprey Pump Controller version 1.0.1 suffers from a cross site request forgery vulnerability.

Osprey Pump Controller 1.0.1 Authentication Bypass

Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system.