Rhino Security Labs

Strategic & Technical Blog

GKE Kubelet TLS Bootstrap Privilege Escalation

Jack Ganbold

Kubernetes is becoming increasingly popular and the de facto standard for container orchestration. In recent Google Cloud Platform (GCP), Amazon Web Service (AWS), and Azure cloud pentests, we have seen many of our clients using Kubernetes…

Privilege Escalation in
Google Cloud Platform – Part 2 (Non-IAM)

Privilege Escalation in
Google Cloud Platform – Part 1 (IAM)

Working-As-Intended:
RCE to IAM Privilege Escalation in GCP Cloud Build

Spencer Gietzen

We have previously released a lot of research around Identity & Access Management (IAM) privilege escalation in AWS (last post here).  Very similar, this blog will focus on a feature of Google Cloud Platform (GCP) that might allow for…