Yuval Avrahami, Author at Unit 42

A conceptual image representing a vulnerability in the AWS Log4Shell hot patch. It shows a java symbol inside a container with one door open.

62,280

people reacted

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

By Yuval Avrahami
April 19, 2022 at 3:00 PM

7 min. read

A conceptual image representing Kubernetes security, including the GKE Autopilot vulnerabilities discussed here, which, before fixed, could have allowed for container escape leading to a shadow administrator.

39,270

people reacted

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

By Yuval Avrahami
March 8, 2022 at 6:00 AM

14 min. read

A conceptual image representing container security issues, such as CVE-2022-0492, the Linux vulnerability discussed here.

73,102

people reacted

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

By Yuval Avrahami
March 3, 2022 at 10:00 AM

9 min. read

A conceptual image illustrating vulnerabilities related to containers and Kubernetes, such as Azurescape, the cross-account container takeover in Azure Container Instances discussed here.

90,903

people reacted

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

By Yuval Avrahami
September 9, 2021 at 3:00 AM

14 min. read

Kubernetes, vulnerability CVE-2020-8554, conceptual image

42,681

people reacted

Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554)

By Yuval Avrahami
December 21, 2020 at 3:30 PM

7 min. read

A conceptual image illustrating research into Kubernetes security.

42,034

people reacted

Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)

By Yuval Avrahami and Ariel Zelivansky
July 27, 2020 at 6:00 AM

7 min. read

62,151

people reacted

Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271

By Yuval Avrahami
November 19, 2019 at 6:00 AM

6 min. read

27,701

people reacted

Gaining Persistency on Vulnerable Lambdas

By Yuval Avrahami
September 2, 2019 at 6:08 AM

10 min. read

15,581

people reacted

Breaking Out of rkt – 3 New Unpatched CVEs

By Yuval Avrahami
May 30, 2019 at 8:05 AM

5 min. read

52,883

people reacted

Breaking out of Docker via runC – Explaining CVE-2019-5736

By Yuval Avrahami
February 21, 2019 at 6:55 AM

11 min. read

Posts created by: Yuval Avrahami

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554)

Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)

Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271

Gaining Persistency on Vulnerable Lambdas

Breaking Out of rkt – 3 New Unpatched CVEs

Breaking out of Docker via runC – Explaining CVE-2019-5736

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account