Citrix NetScaler CVE-2019-19781
Vulnerability CVE-2019-19781 in Citrix NetScaler has been a pain for organizations' IT departments for the last two weeks and it still keeps us busy supporting our ...
Read MoreSearch
Kubernetes RBAC Security Pitfalls
My previous blogpost covered the basics of the Kubernetes Role-Based Access control (RBAC) module. Here, I want to provide some common mistakes and vulnerabilities ...
Read MoreA brief intro to Kubernetes Role-Based Access Control
Actually, this should have been the introduction to a blogpost about RBAC auditing and pentesting. However, after the first few paragraphs, I noticed that it is ...
Read Moredocker/kubectl exec did not respect no-new-privileges and allowPrivilegeEscalation
TL;DR: There was a bug in docker, which made docker exec not respect the no-new-privileges security option. This issue also impacted the ...
Read More