Microsoft Azure Site Recovery 安全漏洞

Microsoft Azure Site Recovery is a type of Site Recovery DRaaS from Microsoft, USA. It is used for cloud and hybrid cloud architectures. A security vulnerability exists in Microsoft Azure Site Recovery. No information about this vulnerability is available at this time, so please stay tuned to CNN...

380K Kubernetes API Servers Exposed to Public Internet

More than 380,000 Kubernetes API servers allow some kind of access to the public internet, making the popular open-source container-orchestration engine for managing cloud deployments an easy target and broad attack surface for threat actors, researchers have found. The Shadowserver Foundation...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.9.29 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a...

CVE-2021-20238

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...

CVE-2021-20238

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Kubernetes clusters are being attacked via misconfigured Argo Workflows instances, security researchers are warning. Argo Workflows is an open-source, container-native workflow engine for orchestrating parallel jobs on Kubernetes – to speed up processing time for compute-intensive jobs like machi...

Watch Out! Mission Critical SAP Applications Are Under Active Attack

Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common securit...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.19 openshift-enterprise-hyperkube-container security update

An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.13 machine-config-daemon and openshift security update

An update for machine-config-daemon and openshift is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.4.4 security update

Red Hat OpenShift Container Platform release 4.4.4 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.11 security update

Red Hat OpenShift Container Platform release 3.11.200 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Akamai's Prolexic Platform Completes Fifth Generation Upgrade

Akamai introduces new enhancements today to its Prolexic Routed purpose-built DDoS scrubbing service that reflect the changing nature of the threat landscape and capitalize on cloud functionality to enable maximum customer flexibility using newer deployment models. For anyone worried about DDoS...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.22 openshift-enterprise-hypershift-container security update

An update for openshift-enterprise-hypershift-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Dow Jones Hammer - Protect The Cloud With The Power Of The cloud(AWS)

Dow Jones Hammer is a multi-account cloud security tool for AWS. It identifies misconfigurations and insecure data exposures within most popular AWS resources, across all regions and accounts. It has near real-time reporting capabilities e.g. JIRA, Slack to provide quick feedback to engineers and...

PYSEC-2019-119

SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.userchpass function from the MySQL module for Salt. The attack vector is: specially crafted...

Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update

Red Hat OpenShift Container Platform release 3.11.59 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

Wallarm to Sponsor KubeCon + CloudNative Con

If you have not registered yet for the main Kubernetes event in North America which will start on December 10th in Seattle, you may be out of luck. The event is sold out and is only taking the waitlist applications. But if you are going, KubeCon + CloudNativeCon promises to be a treat with the...

ThreatList: One-Third of Firms Say Their Container Security Lags

Even as companies move to embrace cloud deployments and containers, most organizations with such deployments don’t feel prepared to adequately secure cloud-native applications. According to StackRox’ State of Container Security report, which polled about 230 respondents in the U.S., more than a...

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.2 security update

An update is now available for Red Hat OpenShift Container Platform 3.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Security Analysis with Bamboo Plugin

Build Management with Bamboo In the process of continuous integration, a code repository is automatically built and tested by a CI service when code is pushed or committed to the repository. This enables automated testing, tracking, and reporting of build errors and boosts the productivity of...