Kubernetes security flaw also earns bug bounty from Microsoft

Source:-portswigger.net Security researchers earned bug bounties from both Kubernetes and Microsoft after uncovering vulnerabilities in versions of the container technology that were hosted on Microsoft Azure. French researchers Brice Augras of Groupe Asten and Christophe Hauquiert of Nokia applied a server-side request forgery (SSRF) attack to put together a privilege elevation exploit. The duo developed the attack after setting out to prepare a talk on Kubernetes security in a managed service environment. Dynamic exploit The flaw (CVE-2020-8555) related to the

The impact of automation collapsing enterprise IT

Source – cio.com The IT stack is collapsing, thanks to the latest innovation in IT and moving into a software-defined service-oriented architecture. What can happen as a result of the collapse is important for every company to understand, as the more the stack collapses, the better results IT can deliver. Before we look at the potential impacts, let me explain what I mean by collapsing the stack. A multi-layer stack of technology comprises IT – things like the server layer, operating system,