Your submission was sent successfully! Close

Jump to main content

Security breach

Microsoft exposes attacks to Kubeflow deployments

Microsoft publishes report detailing series of attacks against clusters running Kubeflow with the purpose of mining cryptocurrencies. To ensure that you are on the safe side, follow the steps below:

1. When deploying Kubeflow, make sure that its dashboard isn’t exposed to the internet: check the type of the Istio ingress service by the following command and make sure that it is not a load balancer with a public IP:

kubectl get service istio-ingressgateway -n istio-system

2. Verify that the malicious container is not deployed in the cluster, through the following command:

kubectl get pods –all-namespaces -o jsonpath=”{.items[*].spec.containers[*].image}”  | grep -i ddsfdfsaadfs

Find out more about this news – ZDNet, threatpost

Newsletter signup

Select topics you're
interested in

In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.

Related posts

Kubeflow operations guide

Operating MLOps stacks alike Kubeflow in an increasingly multi-cloud world will be a key topic as this market and Kubernetes adoption grow. Kubeflow...

Latest community videos

MLOps community jewels The MLOps community continues to grow and gift us with great content and discussions around the topic! Here are a couple of interesting...

Still figuring out what is Kubeflow?

Kubeflow has become quite popular in the MLOps community as the tool that enables data science teams to automate their workflows from data preprocessing to...