Critical: Red Hat Security Advisory: OpenShift Container Platform 3.6 security and bug fix update

An update is now available for Red Hat OpenShift Container Platform 3.6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.2 security update

An update is now available for Red Hat OpenShift Container Platform 3.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.3 security update

An update is now available for Red Hat OpenShift Container Platform 3.3. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Override Access Vulnerability in DCMS Upload Management Page

Xiamen Sanwu Internet Technology Co., Ltd. is China's first "cloud computing"-based enterprise informatization services listed on the Growth Enterprise Market GEM. An unauthorized access vulnerability exists in the DCMS upload management page. An attacker can exploit the vulnerability to gain...

Excerpts from Moving Endpoint Security to the Predictive Cloud: Choosing the Right Cloud

Carbon Black recently published a whitepaper on the reasons and benefits of moving endpoint security to the cloud; this is the first excerpt from that guide, which you can find here. For more information about how the Cb Predictive Security Cloud, Carbon Black's comprehensive endpoint protection...

Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform security update

An update is now available for Red Hat OpenShift Container Platform 3.7, 3.6, 3.5, 3.4, and 3.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 11.0 Ocata. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Getting Back on the Field

Growing up as a foreign service brat, I was obsessed with security. Living in Guatemala in the 80s you had to adapt and become resilient as child. As there was no TV in our household, 10-year-old Tom began to tinker with my father’s computer and soon it became my oasis from the stress of living i...

Spectre and Meltdown from a CNO Perspective

Longtime readers know that I have no problem with foreign countries replacing American vendors with local alternatives. For example, see Five Reasons I Want China Running Its Own Software. This is not a universal principle, but as an American I am fine with it. Putting my computer network...

Spectre and Meltdown Attacks

After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute cod...

Intel In Security Hot Seat Over Reported CPU Design Flaw

UPDATE Intel is grappling with what many experts are describing as a processor design flaw impacting CPUs used in Linux, Windows and some macOS systems. The reported flaw is tied to Intel’s kernel virtual memory system that could allow an attacker to access kernel-protected data such as passwords...

Cloud Security Improves, But Much Work Still Remains to Be Done

As cloud computing adoption accelerates among businesses, InfoSec teams are struggling to fully protect cloud workloads due to a lack of visibility into these environments, and to hackers’ increasingly effective attacks. That’s the main finding from SANS Institute’s “Cloud Security: Defense in...

DevOps in the Cloud: How Data Masking Helps Speed Development, Securely

Many articles have discussed the benefits of DevOps in the cloud. For example, the centralization of cloud computing provides DevOps automation with a standard platform for testing and development; the tight integration between DevOps tools and cloud platforms lowers the cost associated with...

Debian DSA-4056-1 : nova - security update

George Shuklin from servers.com discovered that Nova, a cloud computing fabric controller, did not correctly enforce its image- or hosts-filters. This allowed an authenticated user to bypass those filters by simply rebuilding an instance. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise security, bug fix, and enhancement update

An update is now available for Red Hat OpenShift Container Platform 3.4, Red Hat OpenShift Container Platform 3.5, and Red Hat OpenShift Container Platform 3.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base...

Debian: Security Advisory (DSA-4056-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.7 security, bug, and enhancement update

An update is now available for Red Hat OpenShift Container Platform 3.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Women in Tech and Career Spotlight: Shu White

Up next in our series featuring women in technology at Imperva is a spotlight on Shu White, the company’s vice president and deputy general counsel. Hailing from a legal background, I found her perspective particularly unique. Read below for Shu’s take on the cybersecurity industry, the inspiring...

Explained: the cloud

Even if you are reading this post because you have no idea what the cloud is, you might be using it more often than you realize. Twitter, LinkedIn, Dropbox, Google Drive, and Microsoft Office 365 are some of the most well-known cloud apps. Let’s start with a definition of the cloud to get a grip ...