Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories

Nov 24, 2023 Newsroom Cloud Security / Data Protection

Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks.

“These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in new research published earlier this week.

Some of those impacted include two top blockchain companies and various other Fortune 500 companies, according to the cloud security firm, which leveraged the GitHub API to fetch all entries containing .dockerconfigjson and .dockercfg types that store credentials for accessing a container image registry.

Of the 438 records that potentially held valid credentials for registries, 203 records – about 46% – contained valid credentials that provided access to the respective registries. Ninety-three of the passwords were manually set by individuals, as opposed to the 345 that were computer-generated.

“In the majority of cases, these credentials allowed for both pulling and pushing privileges,” the researchers noted. “Moreover, we often discovered private container images within most of these registries.”

Furthermore, nearly 50% of the 93 passwords were deemed weak. These included password, test123456, windows12, ChangeMe, and dockerhub, among others.
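As an added example (not code from the article or from Aqua's research), the following Python check decodes a Kubernetes registry Secret of the .dockerconfigjson or .dockercfg type mentioned above, extracts the registry credentials it carries, and flags passwords on the weak list reported here, which is the kind of pre-commit check that would have caught these exposures; the manifest, registry name and credentials are constructed for the demonstration.

```python
import base64
import json

# The two Secret types Kubernetes uses for image-registry credentials.
REGISTRY_SECRET_TYPES = {"kubernetes.io/dockerconfigjson", "kubernetes.io/dockercfg"}
# Weak passwords the Aqua researchers reported finding, used here as a deny-list.
WEAK_PASSWORDS = {"password", "test123456", "windows12", "changeme", "dockerhub"}


def extract_registry_credentials(secret: dict) -> list[dict]:
    """Return one finding per registry entry in a Secret manifest (dict, as produced
    by `kubectl get secret -o json`). Secret `data` values are base64, not encrypted:
    .dockerconfigjson wraps {"auths": {registry: {"auth": b64("user:pass")}}} and
    the older .dockercfg is the same mapping without the "auths" wrapper."""
    if secret.get("type") not in REGISTRY_SECRET_TYPES:
        return []
    data = secret.get("data") or {}
    key = next((k for k in (".dockerconfigjson", ".dockercfg") if k in data), None)
    if key is None:
        return []
    cfg = json.loads(base64.b64decode(data[key]))
    auths = cfg.get("auths", cfg)  # .dockercfg layout has no "auths" wrapper
    findings = []
    for registry, entry in auths.items():
        if not isinstance(entry, dict):  # skip settings such as "credsStore"
            continue
        raw = base64.b64decode(entry.get("auth", "")).decode("utf-8", "replace")
        username, _, password = raw.partition(":")
        # Some clients store separate username/password fields instead of "auth".
        username = username or entry.get("username", "")
        password = password or entry.get("password", "")
        findings.append({"secret": secret.get("metadata", {}).get("name"),
                         "registry": registry, "username": username,
                         "has_credential": bool(password),
                         "weak_password": password.lower() in WEAK_PASSWORDS})
    return findings


def _b64json(obj) -> str:
    return base64.b64encode(json.dumps(obj).encode()).decode()


# Constructed sample manifest (not a real secret) with a deliberately weak password.
SAMPLE_SECRET = {
    "apiVersion": "v1", "kind": "Secret", "metadata": {"name": "regcred"},
    "type": "kubernetes.io/dockerconfigjson",
    "data": {".dockerconfigjson": _b64json({"auths": {"registry.example.com": {
        "auth": base64.b64encode(b"ci-bot:test123456").decode()}}})},
}

if __name__ == "__main__":
    for finding in extract_registry_credentials(SAMPLE_SECRET):
        print(finding)
```

Run it over `kubectl get secrets -A -o json` output (iterating `items`) or over manifests in a repository before they are committed; any finding with `has_credential` set means a live registry credential is sitting in the file.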

“This underscores the critical need for organizational password policies that enforce strict password creation rules to prevent the use of such weak passwords,” the researchers added.

Aqua said it also found instances where organizations fail to remove secrets from the files that are committed to public repositories on GitHub, leading to inadvertent exposure.

But on a positive note, all the credentials associated with AWS and Google Container Registry (GCR) were found to be temporary and expired, making access impossible. In a similar vein, the GitHub Container Registry required two-factor authentication (2FA) as an added layer against unauthorized access.

“In some cases, the keys were encrypted and thus there was nothing to do with the key,” the researchers said. “In some cases, while the key was valid it had minimal privileges, often just to pull or download a specific artifact or image.”

According to Red Hat’s State of Kubernetes Security Report released earlier this year, vulnerabilities and misconfigurations emerged as top security concerns with container environments, with 37% of the total 600 respondents identifying revenue/customer loss due to a container and Kubernetes security incident.
