Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
  • Under Attack?

Posts created by: Yuval Avrahami

Mitigating RBAC-Based Privilege Escalation in Popular Kubernetes PlatformsA pictorial representation of RBAC-based privilege escalation. Illustrated figures pilot a boat carrying the image of an anchor on a green shield.
62,450
people reacted

Mitigating RBAC-Based Privilege Escalation in Popular Kubernetes Platforms

  • By Yuval Avrahami
  • January 27, 2023 at 6:00 AM

22

9 min. read

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege EscalationA conceptual image representing a vulnerability in the AWS Log4Shell hot patch. It shows a java symbol inside a container with one door open.
74,886
people reacted

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

  • By Yuval Avrahami
  • April 19, 2022 at 3:00 PM

68

7 min. read

Trending

  • Threat Brief: Attacks on Critical Infrastructure Attributed to Volt Typhoon by Unit 42
  • Cold as Ice: Unit 42 Wireshark Quiz for IcedID by Brad Duncan
  • Old Wine in the New Bottle: Mirai Variant Targets Multiple IoT Devices by Zhibin Zhang
  • Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID by Brad Duncan
Container Escape to Shadow Admin: GKE Autopilot VulnerabilitiesA conceptual image representing Kubernetes security, including the GKE Autopilot vulnerabilities discussed here, which, before fixed, could have allowed for container escape leading to a shadow administrator.
55,459
people reacted

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

  • By Yuval Avrahami
  • March 8, 2022 at 6:00 AM

37

14 min. read

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?A conceptual image representing container security issues, such as CVE-2022-0492, the Linux vulnerability discussed here.
93,178
people reacted

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

  • By Yuval Avrahami
  • March 3, 2022 at 10:00 AM

52

9 min. read

Finding Azurescape – Cross-Account Container Takeover in Azure Container InstancesA conceptual image illustrating vulnerabilities related to containers and Kubernetes, such as Azurescape, the cross-account container takeover in Azure Container Instances discussed here.
102,543
people reacted

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

  • By Yuval Avrahami
  • September 9, 2021 at 3:00 AM

104

14 min. read

Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554)Kubernetes, vulnerability CVE-2020-8554, conceptual image
46,344
people reacted

Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554)

  • By Yuval Avrahami
  • December 21, 2020 at 3:30 PM

31

7 min. read

Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)A conceptual image illustrating research into Kubernetes security.
45,662
people reacted

Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)

  • By Yuval Avrahami and Ariel Zelivansky
  • July 27, 2020 at 6:00 AM

26

7 min. read

Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271
72,316
people reacted

Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271

  • By Yuval Avrahami
  • November 19, 2019 at 6:00 AM

57

6 min. read

37,248
people reacted

Gaining Persistency on Vulnerable Lambdas

  • By Yuval Avrahami
  • September 2, 2019 at 6:08 AM

42

10 min. read

21,295
people reacted

Breaking Out of rkt – 3 New Unpatched CVEs

  • By Yuval Avrahami
  • May 30, 2019 at 8:05 AM

25

5 min. read

79,821
people reacted

Breaking out of Docker via runC – Explaining CVE-2019-5736

  • By Yuval Avrahami
  • February 21, 2019 at 6:55 AM

62

11 min. read

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2023 Palo Alto Networks, Inc. All rights reserved.