As part of our initiative to improve security in the cloud-native landscape, I conducted a security audit of multiple Go libraries that Kubernetes is based on. In my research, I found CVE-2021-20291 in containers/storage that leads to a Denial of Service (DoS) of the container engines CRI-O and Podman when pulling a malicious image from a registry. Through this vulnerability, malicious actors could jeopardize any containerized infrastructure that relies on these vulnerable container engines, including Kubernetes and OpenShift. By Aviv Sasson I April 14, 2021
Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware. By Jai Vijayan I April 12, 2021
Golden Chickens, a group of cybercriminals, has been recently discovered using spear-phishing attacks aimed at business professionals on LinkedIn, with fake job offers. In their attack, crooks deliver the fileless backdoor called more_eggs. The campaign was discovered by researchers at eSentire, who warned enterprises and individuals. By Cyware Alerts I April 13, 2021
| Download our latest Infographic Now! |
|
Sincerely, Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827 |