Kinsing Malware Attacking Vulnerable PostgreSQL Kubernetes Containers

Companies can mitigate attacks like this by using the latest versions of container images to ensure the images are adequately patched. Some of the vulnerabilities being exploited are over two years old, and the associated patches have been available for nearly as long. Moreover, engineers and administrators can check vendor guides for recommended security settings to harden deployments. Administrators can restrict public access to containers to the bare minimum appropriate to an organization’s risk management framework. In addition, organizations should monitor the resource utilization of containers to look for abnormal usage, which may be an indicator of a cryptominer running on the container.
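One way to audit the "restrict public access" point is to list every Kubernetes Service that publishes PostgreSQL outside the cluster. The script below is an added example, not code from the article or the linked reports; it assumes the default PostgreSQL port 5432, reads the JSON produced by `kubectl get svc -A -o json`, and the function name and sample Services are constructed for illustration.

```python
import json

PG_PORT = 5432                                 # PostgreSQL default port (assumption)
EXTERNAL_TYPES = {"LoadBalancer", "NodePort"}  # Service types reachable from outside
ANY_SOURCE = {"0.0.0.0/0", "::/0"}             # source ranges that restrict nothing

def find_exposed_postgres(service_list):
    """Flag Services that publish PostgreSQL outside the cluster.

    service_list is the parsed output of `kubectl get svc -A -o json`.
    Named targetPorts (strings) are not resolved here.
    """
    findings = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        if not any(PG_PORT in (p.get("port"), p.get("targetPort"))
                   for p in spec.get("ports", [])):
            continue
        svc_type = spec.get("type", "ClusterIP")
        if svc_type not in EXTERNAL_TYPES and not spec.get("externalIPs"):
            continue  # ClusterIP only: not published outside the cluster
        # loadBalancerSourceRanges only takes effect on LoadBalancer Services
        ranges = spec.get("loadBalancerSourceRanges") or []
        restricted = (svc_type == "LoadBalancer" and bool(ranges)
                      and not ANY_SOURCE & set(ranges))
        findings.append({"namespace": meta.get("namespace"), "name": meta.get("name"),
                         "type": svc_type, "source_restricted": restricted})
    return findings

# Constructed sample input, trimmed to the fields the check reads.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "db", "name": "pg-public"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 5432, "targetPort": 5432}]}},
 {"metadata": {"namespace": "db", "name": "pg-internal"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 5432, "targetPort": 5432}]}},
 {"metadata": {"namespace": "apps", "name": "pg-office"},
  "spec": {"type": "LoadBalancer", "loadBalancerSourceRanges": ["203.0.113.0/24"],
           "ports": [{"port": 15432, "targetPort": 5432}]}},
 {"metadata": {"namespace": "web", "name": "frontend"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 443, "targetPort": 8443}]}}
]}
""")

if __name__ == "__main__":
    for finding in find_exposed_postgres(SAMPLE):
        print(finding)
```

A finding with `source_restricted` set to false is the case to review first: the database port is published with no source-range limit at the Service level, so any remaining restriction has to come from network policy or cloud firewall rules.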

https://www.bleepingcomputer.com/news/security/microsoft-kubernetes-clusters-hacked-in-malware-campaign-via-postgresql/

https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/initial-access-techniques-in-kubernetes-environments-used-by/ba-p/3697975