Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io
Cloud Threat Landscape

Misconfigured KubeFlow abuse

Tags
App Misconfig.K8s
ATT&CK Tactic
Initial Access (TA0001)
ATT&CK Technique

https://attack.mitre.org/techniques/T1609/

Tech
KubeFlow
References
https://www.microsoft.com/security/blog/2020/06/10/misconfigured-kubeflow-workloads-are-a-security-risk/
Last edited
Jan 21, 2024 7:16 AM
Status
Stub
  1. Discover exposed KubeFlow
  2. Create new namespace
  3. Deploy malicious image from public repository (with e.g., cryptominer)

Made with 💙 by Wiz

Last Updated: April 3, 2025