背景 云安全中心9月8日收到客户求助,其部署在公有云K8s集群遭到入侵,在数分钟之内K8s节点全部沦陷,并被植入挖矿程序。 阿里云安全团队紧急协助排查入侵原因,结合K8s审计日志以及云安全中心主机侧日志还原入侵链路,发现了此次针对K8s API Server的批量攻击。 K8s API Server鉴权问题 K8s API Server 默认会开启两个端口:8080(Localhost ...
Read More
https://www.youtube.com/playlist?list=PL2FF649D0C4407B30 1 ORIENTATION Education & Training Education is what, when, and why to do things, Training is how to do it. Follwing the knowledge dilemma ...
Read More