1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Nearly half a million Kubernetes servers left open to the Interne

    From TechnologyDaily@1337:1/100 to All on Tue May 24 19:45:04 2022
    Nearly half a million Kubernetes servers left open to the Internet

    Date:
    Tue, 24 May 2022 18:18:35 +0000

    Description:
    Most of the Kubernetes servers are most likely misconfigured, but could still be at risk.

    FULL STORY ======================================================================

    Hundreds of thousands of endpoints running Kubernetes API have been exposed
    to the internet, and so could potentially be vulnerable to virus deployment and other cyberattacks, new research has found.

    A report from nonprofit organization The Shadowserver Foundation recently scanned a total of 454,729 systems hosting the container orchestration
    system, and found 84% to be accessible via the internet, at least to some degree. Thats a total of 381,654 systems.

    While being exposed to the internet does not automatically mean compromised, it is the first, and most important step, toward a data breach. Whats more
    all of these are most likely the result of misconfigurations, rather than intent.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Implementing authentication

    After all, a recent security report found that most people using Kubernetes dont know exactly what theyre doing.

    "While this does not mean that these instances are fully open or vulnerable
    to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver says in the blog post. "They also allow for information leakage on version
    and build."

    Of all the accessible instances, 201,348 (53%) were located in the United States, the organization stated. It stressed that companies with internet-accessible Kubernetes API servers should implement some form of access authorization, or block access at the firewall , to prevent possible data breaches and cyberattacks. Read more

    Windows 11 really isn't as secure as we think it is


    Microsoft is working on a whole new kind of Kubernetes


    Microsoft has uncovered loads of Windows 11 security threats heres what
    you need to do

    Kubernetes is a ten-year-old Google product for container management, both on-prem and in the public cloud, maintained by the Cloud Native Computing Foundation.

    Commercial versions are sold by multiple software companies. Amazon, Google, IBM, Microsoft, Oracle, Red Hat, SUSE, Platform9, and VMware, all offer Kubernetes-based platforms or infrastructure as a service (IaaS) that deploy Kubernetes.

    It is extremely popular, being used by most companies worldwide, according to market analysts Statista. Prevent attacks against your servers with the best antivirus solutions right now

    Via: The Register



    ======================================================================
    Link to news story: https://www.techradar.com/news/nearly-half-a-million-kubernetes-servers-left-o pen-to-the-internet/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)