The all in one place for non-profit security aid.
Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay attacks, starting with today’s Windows build (Enterprise edition) rolling out to Insiders in the Canary Channel.
Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems
Atos Unify product vulnerabilities could be exploited to cause disruption and reconfigure or backdoor the targeted system.
The post Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems appeared first on SecurityWeek.
SecurityWeek RSS Feed
Kubernetes Security Flaw Let Attackers Escalate to Admin Privileges
A new privilege escalation vulnerability has been discovered in Kubernetes, which allows threat actors to gain administrative privileges on affected pods. The CVE for this vulnerability has been assigned as CVE-2023-3676, and the severity has been given as 8.8 (High).
However, Kubernetes has addressed this vulnerability and fixed this issue on their latest version of Kubelet. Moreover, affected products have also been published.
This issue exists in Kubernetes in which a user who can create pods on Windows nodes will be able to escalate to admin privileges on those nodes. It was confirmed that this issue affects only if the Kubernetes cluster consists of Windows nodes.
Additionally, the command kubectl get nodes -l kubernetes.io/os=windows can be used to check if there are any Windows nodes in use.
ProductAffected ProductsFixed in Versionkubeletaffected at v1.28.0affected from v1.27.0 through v1.27.4affected from v1.26.0 through v1.26.7affected from v1.25.0 through v1.25.12affected from 0 through v1.24.16unaffected at v1.28.1unaffected at v1.27.5unaffected at v1.26.8unaffected at v1.25.13unaffected at v1.24.17
To mitigate this issue, Kubernetes patches must be applied for CVE-2023-3676 on affected products. However, for detecting this issue, Kubernetes audit logs can be used.
Pod-create events and embedded PowerShell commands are another strong indication of exploitation. Config maps and secrets that contain embedded PowerShell commands and are mounted into pods are also a strong indication of exploitation.
Users of the affected versions of Kubernetes are recommended to upgrade to the latest version of these products to prevent this vulnerability from getting exploited.
Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Try a free trial to ensure 100% security.
The post Kubernetes Security Flaw Let Attackers Escalate to Admin Privileges appeared first on Cyber Security News.
Cyber Security News
