Kubernetes security encompasses strategies to secure clusters, applications and infrastructure to mitigate threats and it should be continuously monitored and adjusted. Amazon’s Elastic Kubernetes Service (EKS), Elastic Container Registry (ECR), and Elastic Compute Cloud (EC2) offer integration with multiple other AWS services to enhance security. Best practices include using the Amazon VPC CNI plugin, integrating AWS IAM with Kubernetes RBAC, encrypting data with AWS KMS, centralized logging with Amazon CloudWatch, service meshes and infrastructure as code (IaC).
AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin
AMD disclosed a critical vulnerability (CVE-2024-56161) in its Secure Encrypted Virtualization (SEV) technology, allowing attackers with administrative access to inject malicious CPU microcode, compromising virtual