New Research From Accurics Reveals Emergence Of New Cloud Watering Hole Attacks
Kubernetes users who try to implement role-based access controls (RBAC) often fail to define roles at the proper granularity. This increases credential reuse and the chance of misuse – in fact, 35% of the organizations evaluated struggle with this problem, according to the latest report from Accurics.
In Helm charts, 48% of problems came about through insecure defaults. Improper use of the default namespace – where system components run – was the most common mistake, which could give attackers access to the system components or secrets.
The findings reveal an increased adoption of managed infrastructure services and the emergence of new cloud watering hole attacks. Of all violations identified, 23 percent correspond to poorly configured managed service offerings – largely the result of default security profiles or configurations that offer excessive permissions.
As demonstrated by a recent high-profile hack, attackers increasingly strive to leverage weaknesses that enable them to deliver malware to end users, gain unauthorized access to production environments or their data, or completely compromise a target environment. This strategy is known as a watering hole attack, and Accurics researchers have seen them emerge in cloud environments where they can cause even more damage.