SecurityWeek reports that malicious actors have been looking to compromise improperly configured instances of the open-source real-time analytics platform Apache Pinot, which is being used by Walmart, LinkedIn, Slack, Uber, and other major companies.
Internet exposure of Apache Pinot's primary components facilitated by Kubernetes LoadBalancer services, which remains unknown to the user, has already been exploited by threat actors to access user data, according to a report from Microsoft. Aside from discovering the absence of authentication or utilization of predefined credentials for logins across "a small but critical group of applications," Microsoft also found cloud engineering platform Meshery to have been impacted by a security issue, which could be leveraged by attackers with external IP address access to enable arbitrary code execution and resource control. "Many in-the-wild exploitations of containerized applications originate in misconfigured workloads, often when using default settings," said Microsoft, which recommended limiting Meshery access to internal networks to mitigate the risk of compromise.
Internet exposure of Apache Pinot's primary components facilitated by Kubernetes LoadBalancer services, which remains unknown to the user, has already been exploited by threat actors to access user data, according to a report from Microsoft. Aside from discovering the absence of authentication or utilization of predefined credentials for logins across "a small but critical group of applications," Microsoft also found cloud engineering platform Meshery to have been impacted by a security issue, which could be leveraged by attackers with external IP address access to enable arbitrary code execution and resource control. "Many in-the-wild exploitations of containerized applications originate in misconfigured workloads, often when using default settings," said Microsoft, which recommended limiting Meshery access to internal networks to mitigate the risk of compromise.
