SILOSCAPE MALWARE – a reminder of the importance of securing Kubernetes containers

News recently broke of a serious security vulnerability found in Windows Containers. This security flaw has been exposed in the wild by newly discovered malware named ‘Siloscape’. The vulnerability enables a compromised Windows Container to be used to gain privileges on its host node and thus potentially full access to a Kubernetes Cluster. This can enable the creation of rogue containers, administrative control of existing containers, or access to data within the existing containerized environment. In other words, it is a nightmare scenario for a production Kubernetes Infrastructure.

The name ‘Siloscape’ is indicative of how this vulnerability enables a user to “escape” what most administrators know to be a ‘silo’ in the form of a container. Siloscape is thought to be the first known malware targeting Windows Containers. This has ramifications for any enterprise utilizing Windows Containers for Kubernetes and should be a reminder to all NetOps and DevOps teams of the importance of implementing proper security controls across the whole Kubernetes Cluster. A key point is that this is crucial across all deployments, production AND non-production. It also reaffirms how crucial it is that the Kubernetes Infrastructure is built with Zero Trust and Web Application Firewall protection from the outset.

So how can Windows Containers be exploited? Read the full article here!
