Hacking Alibaba Cloud's Kubernetes cluster, with Ronen Shustin and Hillai Ben-Sasson

In this KubeFM episode, Hillai and Ronen, security researchers at Wiz, explore the intricacies of hacking Alibaba Cloud's Kubernetes cluster.

They share their experiences and insights on identifying and exploiting vulnerabilities, mainly focusing on misconfigurations and their impact on cloud security.

You will learn:

• How Hillai and Ronen gained access to a Kubernetes cluster through a Postgres database.

• How they moved laterally and managed to obtain push and pull rights to a private container registry.

• Recommendations for securing multi-tenant Kubernetes clusters and maintaining environment hygiene.

More info

• Find all the links and info for this episode here: https://ku.bz/yr16qNTFx

• Interested in sponsoring an episode? Learn more.