Darkreading.com: Latest Cybersecurity News

Container verification bug allows malicious images to cloud up Kubernetes.

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 24 December 2022, 1400 UTC. Content supplied by "Darkreading.com."

Source:  https://www.darkreading.com/

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

Latest News

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.

LastPass Cops to Massive Breach Including Customer Vault Data

The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.

Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs

Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.

Google: With Cloud Comes APIs & Security Headaches

APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.

Inside the Next-Level Fraud Ring Scamming Billions Off Holiday Retailers

"Largest attack of its kind": A potent Southeast Asian e-commerce fraud ring has declared war on US retailers, targeting billions in goods in just the past month and forcing mules into its scheme.

Biden Signs Post-Quantum Cybersecurity Guidelines Into Law

The new law holds the US Office of Budget and Management to a road map for transitioning federal systems to NIST-approved PQC.

Security on a Shoestring? Cloud, Consolidation Best Bets for Businesses

With a recession potentially coming, some companies are cutting security teams. But moving more infrastructure to the cloud and reducing the number of vendors through consolidation may be the best ways to prepare.

Google WordPress Plug-in Bug Allows AWS Metadata Theft

A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.