this post was submitted on 18 Apr 2024
23 points (100.0% liked)

Cybersecurity

5971 readers
387 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
kid
[email protected]
23
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters | Microsoft Security Blog (www.microsoft.com)
submitted 9 months ago* (last edited 9 months ago) by kid to c/cybersecurity
0 comments fedilink hide all child comments
 

It's from MS, but I'll take anyways.

Summary: Attackers exploit critical vulnerabilities in OpenMetadata to access Kubernetes workloads and conduct cryptocurrency mining. Microsoft recommends updating OpenMetadata to version 1.3.1 or later and using Microsoft Defender for Cloud for detection of malicious activities. Relevant vulnerabilities include CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, CVE-2024-28254.

IOCs (hashes with good detection rate on VT):

7c6f0bae1e588821bd5d66cd98f52b7005e054279748c2c851647097fa2ae2df 19a63bd5d18f955c0de550f072534aa7a6a6cc6b78a24fea4cc6ce23011ea01d 31cd1651752eae014c7ceaaf107f0bf8323b682ff5b24c683a683fdac7525bad

IP 8[.]222[.]144[.]60

IP 61[.]160[.]194[.]160

IP 8[.]130[.]115[.]208

[Edit: added summary]

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here