Cybersecurity researchers have detailed a new attack vector that suppresses cryptomining malware in Kubernetes clusters by exploiting misconfigured Argo Workflows instances. Argo Workflows is an open source workflow engine for Kubernetes that simplifies the process of orchestrating parallel tasks on Kubernetes clusters. Intezer researchers found hundreds of instances of Argo Workflows with misconfigured permissions and observed that many people were being abused by malicious actors.LaComparacion needs you! We take a look at how our readers are using VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey will take no more than 60 seconds of your time, and you can also choose to be entered into a drawing to win a €100 Amazon voucher or one of five year-long ExpressVPN subscriptions.
“We have identified infected nodes and there is the potential for larger-scale attacks due to hundreds of misconfigured deployments. We have spotted exposed instances of Argo workflows belonging to companies across different industries, including technology, finance, and logistics, ”Intezer's Ryan Robinson and Nicole Fishbein note in a joint blog post.Click here to launch the survey in a new window