May 28, 2024

Hacking Alibaba Cloud's Kubernetes cluster, with Ronen Shustin and Hillai Ben-Sasson

Listen Later

44 minutes

In this KubeFM episode, Hillai and Ronen, security researchers at Wiz, explore the intricacies of hacking Alibaba Cloud's Kubernetes cluster.

They share their experiences and insights on identifying and exploiting vulnerabilities, mainly focusing on misconfigurations and their impact on cloud security.

You will learn:

How Hillai and Ronen gained access to a Kubernetes cluster through a Postgres database.
How they moved laterally and managed to obtain push and pull rights to a private container registry.
Recommendations for securing multi-tenant Kubernetes clusters and maintaining environment hygiene.

More info

Find all the links and info for this episode here: https://ku.bz/yr16qNTFx
Interested in sponsoring an episode? Learn more.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

KubeFM

By KubeFM

5

22 ratings

May 28, 2024

Hacking Alibaba Cloud's Kubernetes cluster, with Ronen Shustin and Hillai Ben-Sasson

Listen Later

44 minutes

In this KubeFM episode, Hillai and Ronen, security researchers at Wiz, explore the intricacies of hacking Alibaba Cloud's Kubernetes cluster.

They share their experiences and insights on identifying and exploiting vulnerabilities, mainly focusing on misconfigurations and their impact on cloud security.

You will learn:

How Hillai and Ronen gained access to a Kubernetes cluster through a Postgres database.
How they moved laterally and managed to obtain push and pull rights to a private container registry.
Recommendations for securing multi-tenant Kubernetes clusters and maintaining environment hygiene.

More info

Find all the links and info for this episode here: https://ku.bz/yr16qNTFx
Interested in sponsoring an episode? Learn more.

...more

More shows like KubeFM

Security Now (Audio) by TWiT

Security Now (Audio)

1,973 Listeners

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

283 Listeners

The Cloudcast by Massive Studios

The Cloudcast

152 Listeners

LINUX Unplugged by Jupiter Broadcasting

LINUX Unplugged

265 Listeners

Thoughtworks Technology Podcast by Thoughtworks

Thoughtworks Technology Podcast

42 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

592 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

624 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

268 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

203 Listeners

Late Night Linux by The Late Night Linux Family

Late Night Linux

154 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

181 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

64 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

92 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

47 Listeners