The issue affected Google Kubernetes Engine (GKE), a system used to deploy, scale and manage how applications are “containerized.” GKE — the tech giant’s implementation of the open-source Kubernetes project — is used widely in healthcare, education, retail and financial services for data processing as well as artificial intelligence and machine learning operations.

Researchers from Orca Security explained that they uncovered an issue in GKE that “could allow an attacker with any Google account to take over a misconfigured Kubernetes cluster, potentially leading to serious security incidents such as cryptomining, denial of service, and sensitive data theft.”

  • conciselyverbose@kbin.social
    link
    fedilink
    arrow-up
    8
    ·
    9 months ago

    We have identified several clusters where users have granted Kubernetes privileges to the system:authenticated group

    lol if that’s the whole thing, blaming Google is laughable, unless they default to that somewhere or have faulty documentation. That’s not a security flaw with their tools.

    • V ‎ ‎ @beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      Over the past five years infosec has turned into a shitshow of showboating. Every exploit has to have a logo and catchy name. Attacks are widely hyped up despite the conditions for usage being extremely difficult or outright stupid. If you are assigning blanket permissions to a group that shouldn’t have it that is your fault. Obstructing stupidity is not in the scope of the container engine.