Subj : Kubernetes breaches could put major businesses data at risk
To   : All
From : TechnologyDaily
Date : Fri Nov 24 2023 16:00:06

Date: Fri, 24 Nov 2023 15:56:48 +0000

Description: Top businesses really aren't paying attention to where their passwords are stored, risking major data breaches.

FULL STORY
======================================================================

Some pretty major companies are slacking when it comes to Kubernetes configuration secrets, which could spell security disaster, a new report from cybersecurity researchers Aqua has claimed.

In a new paper, researchers Yakir Kadkoda and Assaf Morag explained that firms are uploading Kubernetes configuration secrets to public repositories, risking hackers picking them up and using them in attacks against their endpoints.

They came to this conclusion after using a GitHub API to find all entries containing .dockerconfigjson and .dockercfg, which usually store credentials for container image registry access. The results returned 438 records, out of which half (203) held valid credentials that could be used to access the registries. The list contained 345 computer-generated passwords and 93 manual ones.

Weak credentials

"In the majority of cases, these credentials allowed for both pulling and pushing privileges," the researchers said. "Moreover, we often discovered private container images within most of these registries."

Another problem is the strength of the manually created passwords. Almost half were considered weak, including the likes of test123456, ChangeMe, and dockerhub, which hackers can easily guess.
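For teams auditing their own repositories before a push, here is an added example (not from the article or Aqua's paper) that decodes the two keys the researchers searched for and reports which registry credentials a manifest exposes, without echoing the password. The weak list holds the three passwords the article names; the 12-character minimum, `registry.example.com` and `ci-bot` are assumptions, and the sample manifest is constructed.

```python
import base64
import json
import re

# The two keys the researchers searched for; under a Secret's `data:` the value is base64.
KEY_RE = re.compile(
    r'^[ \t]*"?(\.dockerconfigjson|\.dockercfg)"?[ \t]*:[ \t]*"?([A-Za-z0-9+/=]+)"?[ \t]*$',
    re.M)
# Weak examples named in the article; the 12-character minimum is an assumed policy.
WEAK = {"test123456", "changeme", "dockerhub"}
MIN_LEN = 12

def _credentials(entry):
    """Return (username, password) from explicit fields or the base64 `auth` field."""
    user, pw = entry.get("username"), entry.get("password")
    if pw is None and entry.get("auth"):
        try:
            raw = base64.b64decode(entry["auth"]).decode("utf-8", "replace")
        except (ValueError, TypeError):  # malformed or non-string auth value
            return user, None
        user, _, pw = raw.partition(":")
    return user, pw

def scan_manifest(text):
    """List registry credentials committed in a manifest; passwords are never returned."""
    findings = []
    for key, blob in KEY_RE.findall(text):
        try:
            doc = json.loads(base64.b64decode(blob, validate=True))
        except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
            continue        # placeholder or templated value, not a real secret
        # .dockerconfigjson nests registries under "auths"; legacy .dockercfg does not.
        nested = key == ".dockerconfigjson" and isinstance(doc, dict)
        auths = doc.get("auths") if nested else doc
        if not isinstance(auths, dict):
            continue
        for registry, entry in auths.items():
            user, pw = _credentials(entry) if isinstance(entry, dict) else (None, None)
            if isinstance(pw, str) and pw:
                weak = pw.lower() in WEAK or len(pw) < MIN_LEN
                findings.append({"key": key, "registry": registry,
                                 "username": user, "weak": weak})
    return findings

def build_sample():
    """Constructed Secret manifest; registry.example.com and ci-bot are placeholders."""
    auth = base64.b64encode(b"ci-bot:ChangeMe").decode()
    cfg = json.dumps({"auths": {"registry.example.com": {"auth": auth}}})
    blob = base64.b64encode(cfg.encode()).decode()
    return "apiVersion: v1\nkind: Secret\ndata:\n  .dockerconfigjson: " + blob + "\n"
```

Any finding, weak or not, means the credential is in version control and should be rotated at the registry and removed from the repository history.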
"This underscores the critical need for organizational password policies that enforce strict password creation rules to prevent the use of such vulnerable passwords," the researchers stressed.

Among the companies that risked data breaches this way are two major blockchain firms and various Fortune 500 organizations.

The researchers also found plenty of Amazon Web Services (AWS) and Google Container Registry (GCR) passwords, all of which were temporary and expired. Also, the GitHub Container Registry had multi-factor authentication (MFA) set up, rendering it useless for the attackers.

"In some cases, the keys were encrypted and thus there was nothing to do with the key," the researchers said. "In some cases, while the key was valid it had minimal privileges, often just to pull or download a specific artifact or image."

======================================================================
Link to news story:
https://www.techradar.com/pro/security/kubernetes-breaches-could-put-major-businesses-data-at-risk

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)