Low Orbit Security (@loworbitsec) 's Twitter Profile
Low Orbit Security

@loworbitsec

Tailored Security Solutions from @grahamhelton3

ID: 1630071726108299265

linkhttp://loworbitsecurity.com/radar calendar_today27-02-2023 05:06:15

79 Tweet

330 Followers

139 Following

Graham Helton (@grahamhelton3) 's Twitter Profile Photo

🚨 Reminder! I'll be opening at the RedTeamVillage conference tomorrow (February 8th) at 10AM EST with ~2 hours of live demos and foundational "WTF is a kubernete" knowledge. Stop by!

🚨  Reminder! I'll be opening at the <a href="/RedTeamVillage_/">RedTeamVillage</a>  conference tomorrow (February 8th) at 10AM EST with ~2 hours of live demos and foundational "WTF is a kubernete" knowledge. 

Stop by!
Graham Helton (@grahamhelton3) 's Twitter Profile Photo

Golden Ticket Attack In Kubernetes? πŸ€” A new post exploitation & persistence tool for Kubernetes just came out called Kubernetes Spoofilizer. It allows attackers to quickly gain persistent access to a cluster in a few different ways after compromising the cluster 🧡

Golden Ticket Attack In Kubernetes? πŸ€”

A new post exploitation &amp; persistence tool for Kubernetes just came out called Kubernetes Spoofilizer.

It allows attackers to quickly gain persistent access to a cluster in a few different ways after compromising the cluster 🧡
Graham Helton (@grahamhelton3) 's Twitter Profile Photo

I'm releasing research soon detailing a technique to take over Kubernetes clusters. It allows running arbitrary commands in EVERY pod in the cluster using only a commonly granted "read only" RBAC permission. Oh and it's not logged by Kubernetes AuditPolicy πŸ‘€

I'm releasing research soon detailing a technique to take over Kubernetes clusters. It allows running arbitrary commands in EVERY pod in the cluster using only a commonly granted "read only" RBAC permission. 

Oh and it's not logged by Kubernetes AuditPolicy πŸ‘€
Graham Helton (@grahamhelton3) 's Twitter Profile Photo

I've pushed the release date of this research for a maximum of one more month for reasons that will hopefully be apparent once it's released, stay tuned :)

Graham Helton (@grahamhelton3) 's Twitter Profile Photo

I have some very exciting news. The Low Orbit Security Radar Newsletter will return this Monday. The content will continue to be weekly analysis of the security industry from my offensive security perspective tailored to just the important ideas. I very much missed writing this :)

I have some very exciting news. 

The <a href="/LowOrbitSec/">Low Orbit Security</a> Radar Newsletter will return this Monday. 

The content will continue to be weekly analysis of the security industry from my offensive security perspective tailored to just the important ideas.

I very much missed writing this :)