Last Thursday Microsoft reported that the Kinsing malware, a Linux-based malware that deploys a crypto miner, is now targeting Kubernetes clusters via vulnerable PostgreSQL containers. Specifically, the malware is exploiting weak configurations that assume that anyone that can connect to the server is authorized to access the database with any user name without authentication, i.e. ‘trust authentication.’ Additionally, the malware is exploiting other vulnerable images, such as PHPUnit, Liferay, WebLogic, and WordPress.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.