We recently discovered that the AWS solution ‘Dynamic Image Transformation for Amazon CloudFront’, previously known as ‘AWS Serverless Image Handler’, prior to version 6.2.6, contains a configuration weakness where the role associated with the Lambda does not constrain which buckets can be accessed and the environment variable can be set to a wildcard allowing access to any bucket.

In conjunction with our talk at HackCon and the release of our latest tool in Research Release, are sharing this as a companion blog post.

Unlike the control plane, the data plane in Kubernetes (which includes your workloads and nodes) is user-managed in both on-premise and cloud environments. This means the security responsibility lies squarely with you. In this article, we share some essential practices to keep your data plane secure.

Securing the Control Plane is all about protecting the very heart of your Kubernetes cluster. If the control plane is compromised, attackers gain the power to manage, schedule, and configure all aspects of your workloads. In this article, we’ll walk through the key components of the control plane and share practical tips to keep them locked down. Let’s dive in and safeguard the most critical layer of your Kubernetes environment.

In this episode Håkon has Olav and Karim on the podcast to discuss the upcoming season and some common challenges organizations face when using cloud services. Find us at: https://www.linkedin.com/company/o3cyber https://www.youtube.com/@o3cyber Host: www.linkedin.com/in/hakonsorum Guests: https://www.linkedin.com/in/karim-el-melhaoui https://www.linkedin.com/in/oestbye/

In this episode Håkon has Olav and Karim on the podcast to discuss the upcoming season and some common challenges ...