31 décembre 2024 | International, C4ISR, Sécurité

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation

Azure Airflow misconfigurations risk cluster-wide breaches, root VM access, and compromised Azure resources.

https://thehackernews.com/2024/12/misconfigured-kubernetes-rbac-in-azure.html

Sur le même sujet

  • Missile defence successes in Gulf, Ukraine fuel global urgency to acquire systems

    2 mai 2024 | International, Terrestre

    Missile defence successes in Gulf, Ukraine fuel global urgency to acquire systems

    The success of ballistic missile defences facing their first complex, high-stakes combat scenarios in Israel, the Red Sea and Ukraine will encourage militaries globally to invest in the pricey systems, experts say - and intensify missile arms races.

  • Mattis out: Defense secretary says his views no longer aligned with Trump

    21 décembre 2018 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

    Mattis out: Defense secretary says his views no longer aligned with Trump

    By: Leo Shane III and Aaron Mehta WASHINGTON — Defense Secretary Jim Mattis on Thursday announced he will step down from that post by the end of the February, leaving a significant leadership void in President Donald Trump's Cabinet. In his resignation letter Thursday, Mattis told Trump he was making the move to allow the president to find “a secretary of defense whose views are better aligned with yours.” Mattis, a former Marine Corps general, is regarded highly among defense experts and is a well-respected military mind among lawmakers. On numerous occasions over the last two years, both Republicans and Democrats have lauded him as a calming presence within the turbulent Trump administration and a voice of reason for the sometimes impulsive commander in chief. He's also wildly popular among troops. A Military Times poll conducted in late September found that nearly 84 percent of troops had a favorable view of his work leading the armed forces. Among officers, the figure was almost 90 percent. But Mattis' relationship with Trump had appeared to sour in recent months as the president pushed for more aggressive military policies. Read Mattis' full letter here. Pentagon officials appeared caught unaware by sudden decisions made in the Oval Office on forming a new Space Force, sending troops to the southern U.S. border, and banning transgender recruits from the ranks. This week, Mattis and other top defense officials appeared to be surprised by Trump's plans for a rapid withdrawal of U.S. forces from Syria. On Twitter Thursday, Trump hailed Mattis for “tremendous progress” on helping to rebuild the military, including “the purchase of new fighting equipment” and “getting allies and other countries to pay their share of military obligations.” He said a new secretary of defense would be announced in coming days. Expect the names of Sen. Tom Cotton, R-Ark., and Jack Keane, a retired Army general who was an early supporter for Trump, to pop up in discussions. In his resignation letter, Mattis said he was “proud of the progress that has been made over the past two years in ... putting the department on more sound budgetary footing, improving readiness and lethality in our forces, and reforming the department's business practices.” But he also took aim at several Trump policies that caused friction between the White House and the Pentagon. In the letter, Mattis wrote that he believes America “must be resolute and unambiguous in our approach to those countries whose strategic interests are increasingly in tension with ours.” That includes “treating allies with respect” and doing “everything possible to advance an international order that is most conducive to our security, prosperity and values.” He also specifically mentioned both the defeat-ISIS coalition of 74 nations and NATO as “proof” alliances that have benefited America, The timing of the resignation — just a day after Trump ordered the withdrawal of U.S. forces from Syria, reportedly over the objections of Mattis — is noteworthy, especially given Mattis' reference to the ISIS coalition in his letter. Appearing on CNN shortly after the announcement, Trump's senior adviser Stephen Miller did nothing to quell the idea that Mattis quit over the Syria decision, saying it is time for Trump “to get a new secretary of defense who will be aligned with the president” on a variety of issues, specifically calling out Syria and burden sharing among NATO allies. Miller also reiterated Trump's statements that it is time for Syria and Russia to take over the fight against ISIS, while railing against the decision of America to stay in Afghanistan and Iraq. When asked by CNN's Wolf Blitzer if the administration intended to leave those countries as well, Miller said “I have absolutely no policy announcements of any kind to make tonight, whatsoever.” For months, speculation has swirled around whether Mattis could survive into year three of the administration, particularly after Trump labeled him as “sort of a Democrat” during an interview in October. However, he appeared to solidify his position within the administration in the days leading up to the mid-term elections, with a full-throated support for the president's decision to send troops to the border. Mattis said the February leave date is designed to ensure a new defense secretary is in place well before September's changeover of the chairman of the joint chief of staff. Just two weeks ago, Trump announced that Gen. Mark Milley, the current army chief of staff, would be his nominee to replace current chairman Gen. Joe Dunford. The announcement, coming almost 10 months before Dunford's term was over, caught many by surprise, and now sets up the military for a wholesale leadership change in 2019. It also represented another pressure point between Trump and the secretary. Both Mattis and Dunford supported the candidacy of Gen. David Goldfein, the Air Force's top officer, but Trump picked Milley instead. Along with Dunford, all of the joint chiefs are in line to turn over in 2019, meaning a new secretary will also have a new group of the highest uniformed officials to work with. https://www.militarytimes.com/news/pentagon-congress/2018/12/20/mattis-out-defense-secretary-says-his-views-no-longer-aligned-with-trump

  • How would NATO respond to a cyberattack?

    17 mai 2018 | International, C4ISR

    How would NATO respond to a cyberattack?

    By: Martin Banks NATO Secretary General Jens Stoltenberg says “it is time we all woke up to the potential dangers of cyber threats.” Speaking at a conference on cyber crime in Paris May 15, Stoltenberg said, “In the Second World War there was a popular saying, ‘Loose lips sink ships.' Today, it is weak passwords, failing to add software updates, or opening unfamiliar emails. Simple things. But if we get them right, we go a long way to protecting ourselves.” Stoltenberg was speaking at the Ecole Militaire in the French capital on a major conference on NATO's so-called “Cyber Defence Pledge” which, he said, had helped nations to look at their cyber-defences in a more holistic way. NATO countries have faced a series of attacks in recent years. In France, TV-Cinq Monde was taken off air by hackers while Fancy Bear, a group associated with the Kremlin, hacked the main political parties in the United States in what Stoltenberg called “a brazen attempt to influence the 2016 election.” Last year's WannaCry attack forced Renault to halt production at several of its factories and a cyberattack brought hospitals in the UK to a standstill. “The very nature of these attacks is a challenge,” Stoltenberg said. “It is often difficult to know who has attacked you or even if you have been attacked at all. There are many different actors. “Governments, but also criminal gangs, terrorist groups and lone individuals. Nowhere is the ‘Fog of War' thicker than it is in cyberspace,” he said. “If these were hard attacks, using bombs or missiles instead of computer code, they could be considered an act of war. But instead, some are using software to wage a soft-war - a soft-war with very real, and potentially deadly consequences.” In 2014, NATO leaders agreed that a cyberattack could trigger Article 5, meaning that an attack on one ally is treated as an attack on all allies. He added, “I am often asked, ‘under what circumstances would NATO trigger Article 5 in the case of a cyber-attack?' My answer is: we will see. The level of cyberattack that would provoke a response must remain purposefully vague as will the nature of our response. “But it could include diplomatic and economic sanctions, cyber-responses, or even conventional forces, depending on the nature and consequences of the attack.But whatever the response, NATO will continue to follow the principle of restraint. And act in accordance with international law.” In less than two years, almost every ally had upgraded their cyber defences with France leading the way, investing €1.6 billion and employing thousands more cyber experts. He also pointed to Nato's new Command Structure and Cyber Rapid Reaction teams. https://www.fifthdomain.com/international/2018/05/16/how-would-nato-respond-to-a-cyber-attack-well-see/

Toutes les nouvelles