May 28, 2024

Hacking Alibaba Cloud's Kubernetes cluster, with Ronen Shustin and Hillai Ben-Sasson

Listen Later

44 minutes

In this KubeFM episode, Hillai and Ronen, security researchers at Wiz, explore the intricacies of hacking Alibaba Cloud's Kubernetes cluster.

They share their experiences and insights on identifying and exploiting vulnerabilities, mainly focusing on misconfigurations and their impact on cloud security.

You will learn:

How Hillai and Ronen gained access to a Kubernetes cluster through a Postgres database.
How they moved laterally and managed to obtain push and pull rights to a private container registry.
Recommendations for securing multi-tenant Kubernetes clusters and maintaining environment hygiene.

More info

Find all the links and info for this episode here: https://ku.bz/yr16qNTFx
Interested in sponsoring an episode? Learn more.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

KubeFM

By KubeFM

5

22 ratings

May 28, 2024

Hacking Alibaba Cloud's Kubernetes cluster, with Ronen Shustin and Hillai Ben-Sasson

Listen Later

44 minutes

In this KubeFM episode, Hillai and Ronen, security researchers at Wiz, explore the intricacies of hacking Alibaba Cloud's Kubernetes cluster.

They share their experiences and insights on identifying and exploiting vulnerabilities, mainly focusing on misconfigurations and their impact on cloud security.

You will learn:

How Hillai and Ronen gained access to a Kubernetes cluster through a Postgres database.
How they moved laterally and managed to obtain push and pull rights to a private container registry.
Recommendations for securing multi-tenant Kubernetes clusters and maintaining environment hygiene.

More info

Find all the links and info for this episode here: https://ku.bz/yr16qNTFx
Interested in sponsoring an episode? Learn more.

...more

More shows like KubeFM

Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

Software Engineering Radio - the podcast for professional software developers

273 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

288 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,011 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

626 Listeners

LINUX Unplugged by Jupiter Broadcasting

LINUX Unplugged

275 Listeners

The Enterprise AI Show by Massive Studios

The Enterprise AI Show

154 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

583 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

287 Listeners

Thoughtworks Technology Podcast by Thoughtworks

Thoughtworks Technology Podcast

44 Listeners

Late Night Linux by The Late Night Linux Family

Late Night Linux

168 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

180 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

204 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

63 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

98 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

67 Listeners