Jack Mannino, CEO at nVisium, a Falls Church, Virginia-based application security provider, notes, “This attack leveraged a common Kubernetes misconfiguration to gain persistence within the cluster. Combined with weakness in access control and isolation, this is a good way to gain a foothold into a cluster and establish command and control. As more production workloads move to cloud native, the complexity of securing clusters, software development pipelines, and cloud architectures becomes incredibly difficult, as the attack surface significantly expands.”
Recent Posts
- nVisium Grows by 30% as Demand for Vulnerability Assessments and Security Training Services Accelerates
- Nvidia’s Anti-Cryptomining GPU Chip May Not Discourage Attacks
- 5 Considerations To Improve Your Cyber Security Risk Managment
- Why DDoS Attacks Are Thriving in the Work-From-Home Era
- Second malware strain primed to attack Apple’s new M1 chip identified