“Secret” Agent Exposes Azure Customers To Unauthorized Code Execution

Wiz Research recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services...

Moderate: Red Hat Enhancement Advisory: OpenShift Container Platform Assisted Installer version 1.0.25 release

Assisted Installer version 1.0.25 is now available for Red Hat OpenShift Container Platform. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.6.44 packages update

Red Hat OpenShift Container Platform release 4.6.44 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.29 bug fix and security update

Red Hat OpenShift Container Platform release 4.7.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...

DoD Cloud Computing Impact Level 6 – the unclassified edition

The final Impact Level IL referenced in the Department of Defense DoD Cloud Computing CC Security Requirements Guide SRG is IL6. IL6 allows Cloud Service Providers CSPs to store information up to SECRET or below. CSPs can utilize their own infrastructure or deploy their cloud service offering CSO...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.7.28 security update

Red Hat OpenShift Container Platform release 4.7.28 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.9 packages and security update

Red Hat OpenShift Container Platform release 4.8.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.7.24 packages update

Red Hat OpenShift Container Platform release 4.7.24 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.42 security update

Red Hat OpenShift Container Platform release 4.6.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.23 security update

Red Hat OpenShift Container Platform release 4.7.23 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.7.23 packages update

Red Hat OpenShift Container Platform release 4.7.23 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.4 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...

DoD Cloud Computing Impact Levels 4-5

Moving past DoD Impact Level 2 IL2, the logical next step should be IL3; however, IL3 is no longer used by the Department of Defense DoD and has been consolidated into IL4. DoD IL4 is designed to store, process, and transmit up to controlled unclassified information CUI related to military or...

Unauthorized Access Vulnerability in RAID Management System

Tiandiweiye is an intelligent security solution provider, based on artificial intelligence, big data, cloud computing, Internet of Things and other technologies, providing intelligent video products, system solutions and technical services for public security, politics and law, transportation,...

Red Hat OpenShift has unexplained holes

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat that supports building, testing, deploying, and running applications.A security vulnerability exists in versions prior to OpenShift version 4.8, which stems from a certificate generated by a service CA within ...

Arbitrary File Read Vulnerability in TerraMaster System Management at Shenzhen Tumi Electronic Technology Co.

TerraMaster is a cloud computing brand of Shenzhen Tumi Electronic Technology Co. An arbitrary file read vulnerability exists in the management of the TerraMaster system of Shenzhen Tumi Electronic Technology Co. Ltd, which can be exploited by an attacker to obtain sensitive information...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.38 extras and security update

Red Hat OpenShift Container Platform release 4.6.38 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of...

Requirements for DoD Impact Level 2

As discussed in the previous blog post on FedRAMP+, there are four authorization levels defined in the Department of Defense DoD Cloud Computing CC Security Requirements Guide SRG. In this post we will give a brief rundown of the lowest authorization level, DoD Impact Level IL 2, and the security...

Cloud Cryptomining Swindle in Google Play Rakes in Cash

Bogus cryptomining apps for Android available for download on Google Play are estimated to have scammed more than 93,400 victims to date, researchers said, stealing at least $350,000. According to Lookout, the apps – categorized into “BitScam” and “CloudScam” versions – advertise themselves as...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.7.19 packages and security update

Red Hat OpenShift Container Platform release 4.7.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...