TechNaduFeb 9

The TeamPCP campaign highlights how cloud-native misconfigurations can be industrialized into a full cybercrime platform.

By abusing exposed Docker APIs, Kubernetes clusters, Redis, and vulnerable web apps, the group automates scanning, persistence, proxying, data theft, and monetization - often without novel exploits. This reinforces that operational scale, not exploit sophistication, is now the primary threat driver in cloud environments.

Source: https://thehackernews.com/2026/02/teampcp-worm-exploits-cloud.html

💬 Are cloud control planes receiving enough defensive visibility?

🔔 Follow @technadu for ongoing cloud threat analysis

#InfoSec #CloudSecurity #KubernetesSecurity #ThreatResearch #MalwareOps #CyberCrime #TechNadu

The DefendOps DiariesMay 5, 2025

Default Helm charts in Kubernetes might be like leaving your front door unlocked – sensitive data and weak settings could be inviting trouble. Is your deployment really secure?

https://thedefendopsdiaries.com/enhancing-kubernetes-security-addressing-risks-in-helm-charts/

#kubernetessecurity
#helmcharts
#cybersecurity
#devsecops
#cloudsecurity

anchoreApr 27, 2025
Let's level up our EKS security game! Join our hands-on webinar on "Shift Right Security for EKS" with Bion Consulting and Anchore. Learn practical techniques to identify and remediate vulnerabilities in your scaling EKS applications. We will focus on:
- Kubernetes Runtime Inventory and why it matters for container security
- How to install and configure Anchore's Runtime Inventory on Amazon EKS
- How Anch... https://get.anchore.com/shift-right-security-for-eks-anchore/ #EKS #KubernetesSecurity #DevSecOps #Anchore #SecurityWebinar
Code Labs AcademyApr 13, 2025

Want to level up your Kubernetes game? This article covers certifications, security, and your next steps! Check it out!

Continue reading the full article https://codelabsacademy.com/en/blog/kubernetes-certification-and-security-guide?source=mastadon

#kubernetescertification #kubernetessecurity

Mastering Kubernetes: Security, Certifications, and Best Practices

Dive into this comprehensive Kubernetes guide covering core concepts, security best practices, and essential certifications to advance your career in cloud-native technology.

Tedi HeriyantoDec 1, 2024

Making Sense of Kubernetes Initial Access Vectors

- Part 1: www.wiz.io/blog/making-sense-of-kubernetes-initial-access-vectors-part-1-control-plane

- Part 2: https://www.wiz.io/blog/kubernetes-data-plane

#kubernetes #k8s #KubernetesSecurity

Kubernetes Initial Access Vectors Part 2: Data Plane | Wiz Blog

Learn about Kubernetes data plane access, including applications running on the cluster, container images, and execution-as-a-service workload types.

wiz.io
Thomas Fricke (he/his)Nov 10, 2024

Two talks on DevOpsCon #Munich at December 4th!

One Keynote https://devopscon.io/devsecops/it-security-reloaded/
and the update of my #DevSecOps meets reality talk in #berline

https://devopscon.io/devsecops/devsecops-realitycheck/

Will contain more than traces of #DevOps #GitOps #Kubernetes and #Security
#KubernetesSecurity

IT Security reloaded: will the paper tiger finally get its teeth? - DevOps Conference & Camps

DevOps Conference & Camps
pentest-tools.comOct 8, 2024

Does #cybersecurity really need another #Kubernetes vulnerability scanner? 👉 Heck yes!

💪 Find out WHY and HOW we built our newest tool in this candid behind-the-scenes by Security Research Engineer David Bors: https://pentest-tools.com/blog/how-and-why-we-built-the-kubernetes-vulnerability-scanner

#offensivesecurity #penetrationtesting #kubernetessecurity

How and why we built the Kubernetes Vulnerability Scanner

Pentest-Tools.com
Career SwamiAug 17, 2024

How to ace a Kubernetes Administrator Interview in 2024: Key Concepts, Practical Skills, and Expert Tips

https://zurl.co/ohRX

#KubernetesAdministratorInterview #KubernetesScenarioQuestions #KubernetesInterviewTips #KubernetesSecurity #KubernetesInterview #careerswami

How to ace a Kubernetes Administrator Interview in 2024: Key Concepts, Practical Skills, and Expert Tips - Career Swami

Ace your Kubernetes Administrator Interview with this comprehensive guide. Learn key concepts, practical skills, and scenario-based questions to showcase your expertise.

Career Swami
Adversary VillageAug 6, 2024

Adversary Village at DEFCON 32 Workshop,
Julien Terriac (Adversary Simulation Engineer at datadog) will be giving a workshop on, “Hands-on Kubernetes security with KubeHound(Purple Teaming)”.
Workshop schedule: 12:00-14:00 PDT, Aug 10th 2024 at Adversary Village Workshop Stage, Las Vegas Convention Center.
More information on the Workshop: https://adversaryvillage.org/adversary-events/DEFCON-32/Julien-Terriac/

Schedule for Adversary Village at DEF CON 32: https://adversaryvillage.org/adversary-events/DEFCON-32/
Join our Discord server: https://adversaryvillage.org/discord

#AdversaryVillage #DEFCON #WeEngage #DEFCON32 #AdversaryTactics #adversaryemulation #Kubernetessecurity #purpleteaming #Kubehound

Julien Terriac | Adversary Village at DEF CON 32

Adversary Village is a community initiative purely focuses on Adversary simulation, emulation tactics, APT emulation, Simulation CTFs, Adversary Tactics, life, urban survival skills and purple teaming.

Tedi HeriyantoJul 12, 2024

A Guide To Kubernetes Logs That Isn't A Vendor Pitch: https://grahamhelton.com/blog/k8slogs/?

#KubernetesSecurity #kubernetes_monitoring

A Guide To Kubernetes Logs That Isn't A Vendor Pitch · Graham Helton

One of the frustrating aspects of researching topics in the Kubernetes/cloud-native world is having to trek through the vast sea of SEO-optimized articles that are nothing more than rehashed vendor marketing of the Kubernetes documentation thinly veiled as a technical guide. It sometimes reminds me of walking through the vendor floor at Blackhat. I get it, and I’m sure many of the products are great, but sometimes I just want to understand a concept, not pay someone to understand it for me.

Graham Helton