How to Apply Common Security Principles and What Tool to Choose to Prevent Attacks on Your Docker Containers and Kubernetes Clusters
1. Man-in-the-Middle attack.
MITM attacks are widespread in Kubernetes and Docker environments. The attack inserts an additional malicious component between the component that sends data and the component that receives it. That component can be a fake container, service, middleware, or even a human. For example:
- CVE-2020-8554: a vulnerability that allows attackers to obtain access to the cluster by creating a ClusterIPs service.
- Siloscape: malware that runs inside Windows containers. Siloscape creates a backdoor to the whole Kubernetes cluster, including sensitive data and CPU, GPU, and other resources.
2. Cryptojacking attack.
This attack lets an attacker run malicious code that uses the CPU, GPU, and memory of the PC to mine cryptocurrencies. Example:
- CVE-2018-15664: gives access to the Docker system with root permission.