Jack Mannino, CEO at nVisium, a Falls Church, Virginia-based application security provider, notes, “This attack leveraged a common Kubernetes misconfiguration to gain persistence within the cluster. Combined with weakness in access control and isolation, this is a good way to gain a foothold into a cluster and establish command and control. As more production workloads move to cloud native, the complexity of securing clusters, software development pipelines, and cloud architectures becomes incredibly difficult, as the attack surface significantly expands.”
New TeamTNT malware targeting Kubernetes
