kernel: increase slab leak leads to DoS

A flaw was found in the way memory resources were freed in the unixstreamrecvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system...

kernel: increase slab leak leads to DoS

A flaw was found in the way memory resources were freed in the unixstreamrecvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system...

6 strategies to reduce cybersecurity alert fatigue in your SOC

Today, organizations are faced with the increasingly difficult task of trying to protect their expanding digital estate from sophisticated cybersecurity threats. Migration to the cloud and a mobile workforce has dissolved the network boundary and projected the digital estate beyond its traditiona...

container-tools:2.0 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: podman exec is fragile in the presence of signals BZ1913294...

ALBA-2021:0546 container-tools:2.0 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: podman exec is fragile in the presence of signals BZ1913294...

Don't use functions as callbacks unless they're designed for it

Here's an old pattern that seems to be making a comeback: // Convert some numbers into human-readable strings: import toReadableNumber from 'some-library'; const readableNumbers = someNumbers.maptoReadableNumber; Where the implementation of toReadableNumber is like this: export function...

Microsoft surpasses $10 billion in security business revenue, more than 40 percent year-over-year growth

I joined Microsoft a little more than six months ago—amid a global pandemic and a new norm of remote work, as well as one of the most rapidly evolving threat landscapes in history. We’ve witnessed more sophisticated attacks, like the recent SolarWinds incident, as well as an increase in attack...

Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed "AIR-FI," the attack hing...

Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack

Researchers have uncovered a new attack that lets bad actors snoop in on homeowners’ private conversations – through their robot vacuums. The vacuums, which utilize smart sensors in order to autonomously operate, have gained traction over the past few years. The attack, called “LidarPhone” by...

CVE-2020-16126

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion...

CVE-2020-16126 accountsservice drops ruid, allows unprivileged users to send it signals

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion...

CVE-2020-16126

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion...

Better Together: Akamai Enhances Zero Trust Network Access with CrowdStrike

More than ever before, users and applications no longer reside at the office. Organizations are managing a mobile and globally distributed workforce that needs access to corporate systems, applications, and data from outside the traditional network perimeter. In addition, cyberattackers are...

Measuring & Improving Core Web Vitals

Google recently announced a proposed update to its search ranking algorithm: the Page Experience Update. This change, which launches in 2021, includes more performance signals in the ranking algorithm. A subtle but important feature of the update is that AMP will no longer be a requirement for...

Measuring and Improving Core Web Vitals

Google recently announced a proposed update to its search ranking algorithm: the Page Experience Update. This change, which launches in 2021, includes more performance signals in the ranking algorithm. A subtle but important feature of the update is that AMP will no longer be a requirement for...

kernel: possible to send arbitrary signals to a privileged (suidroot) parent process

A flaw was found in the Linux kernel loose validation of child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

Akamai Identified as a Leader Among Zero Trust Providers by Independent Research Firm

We are pleased to share that Akamai has been identified as a Leader in The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020. In the report, Forrester evaluated how each vendor's portfolio maps and delivers on specific components of the Zero Trust eXtended ZTX framework...

Rethinking Defensive Strategy at the Edge, Part 3: Strategies for Protective Action

Our three-part blog series, Re-thinking Defensive Strategy at the Edge, has been focusing on outlining a new defensive edge strategy for today's enterprise. We began with a discussion of data and indicators. Most recently, our second post focused on using risk signals and correlating them for...

Rethinking Defensive Strategy at the Edge, Part 2: Risk Signals as Security Controls

In the first post in our blog series Rethinking Defensive Strategy at the Edge, we began to outline why a new defensive edge strategy is needed for today's enterprise. As previously mentioned, the strategy enhances those in place and introduces another layer of defense that includes the following...

Rethinking Defensive Strategy at the Edge, Part 1: A Changing Landscape for Securing Users

In recent years, new enterprise remote access architectures and frameworks have been introduced, such as Zero Trust Access ZTA. Those concepts have driven changes in the way the network perimeter has been defined -- specifically, from the outside in, not the inside out. Access to applications and...