Prepare for more sophisticated security threats in 2021

As computing becomes more distributed to achieve greater optimization and efficiency, the threats posed by cyberattackers are destined to become increasingly more sophisticated. Here are some steps organizations should take in 2021 to mitigate such sophisticated security threats. Start with...

[SECURITY] Fedora 33 Update: nats-server-2.1.9-1.fc33

A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...

The Advantages and Risks of Serverless Computing

Organizations are increasingly embracing serverless computing for its convenience and cost-effectiveness. But many IT teams are blindly embracing this innovation in cloud technology without consulting their security peers. As a result, we can expect to see a growing number of cyber-attacks in thi...

How the Edge Improves Microservices

Microservice architecture has transformed the way we develop and operate our applications. Microservices aren't a technology or a programming language. Instead, they create a structure for designing and building applications based on the idea that the individual functions of a website should...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.9 security and bug fix update

Red Hat OpenShift Container Platform release 4.6.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

Unauthorized Access Vulnerability in EDAS, an Enterprise Distributed Application Service of AliCloud Computing Co.

Enterprise Distributed Application Service EDAS Enterprise Distributed Application Service is a one-stop PaaS platform for application full lifecycle management and monitoring, supporting deployment in Kubernetes/ECS, non-intrusive support for Java/Go/Python/PHP/ . NetCore and other multi-languag...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11.346 security and bug fix update

Red Hat OpenShift Container Platform release 3.11.346 is now available with updates to packages and images that fix several bugs. This release includes a security update for Kubernetes for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a securi...

Low: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.5.23 packages update

Red Hat OpenShift Container Platform release 4.5.23 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

EulerOS 2.0 SP5 : pcp (EulerOS-SA-2020-2557)

According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...

Unauthorized Access Vulnerability in AliCloud Lightweight Configuration and Registry

AliCloud Computing Ltd. is a cloud computing and artificial intelligence technology company dedicated to making computing and artificial intelligence a pervasive technology by providing secure and reliable computing and data processing capabilities as an online public service. An unauthorized...

Shifting from Network Security to Data Security

The world-wide events of 2020 have meant that organisations have had to simply react and adapt. More data is being moved to the cloud, applications are built in cloud environments, and more and more databases are being used to support the shift in the way we work. 59% of enterprises believe their...

AWS, Cisco, and CompTIA Exam Prep — Get 22 Courses for $4.50 Each

You don't need a college degree to get a well-paid job in IT. But technical recruiters do expect to see key certifications on your résumé. If you would like to improve your chances of getting hired, "The 2021 All-In-One AWS, Cisco & CompTIA Super Certification Bundle" is worth your attention. Thi...

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:3597-1)

This update for python fixes the following issues : Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and...

SUSE SLED15 / SLES15 Security Update : libproxy (SUSE-SU-2020:2901-1)

This update for libproxy fixes the following issues : CVE-2020-25219: Rewrote url::recvline to be nonrecursive bsc1176410. CVE-2020-26154: Fixed a buffer overflow when PAC is enabled bsc1177143. Note that Tenable Network Security has extracted the preceding description block directly from the SUS...

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic

German divers for the environmental group World Wildlife Fund were searching the ocean floor for abandoned nets threatening marine wildlife. What they found instead is a treasured piece of computing history, a World War II-era German Enigma crypto machine, sunk to the bottom of the Baltic Sea to...

Can Edge Computing Exist Without the Edge? Part 2: Edge Computing

In part 1 of this series, I drew the architectural distinction between a centralized cloud platform and a distributed edge network. This is an important foundation upon which to explain the difference between cloud computing and edge computing. The two serve very different and complementary...

Can Edge Computing Exist Without the Edge? Part 2: Edge Computing

In part 1 of this series, I drew the architectural distinction between a centralized cloud platform and a distributed edge network. This is an important foundation upon which to explain the difference between cloud computing and edge computing. The two serve very different and complementary...

Embedded TCP/IP stacks have memory corruption vulnerabilities

Overview Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things IoT and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU96491057 as well as the name AMNESIA:33...

Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping

Researchers have discovered new samples of a previously discovered Android malware, which is believed to be linked to the APT39 Iranian cyberespionage threat group. The new variant comes with new surveillance capabilities – including the ability to snoop on victims’ Skype, Instagram and WhatsApp...

Chinese Breakthrough in Quantum Computing a Warning for Security Teams

China’s top quantum-computer researchers have reported that they have achieved quantum supremacy, i.e., the ability to perform tasks a traditional supercomputer cannot. And while it’s a thrilling development, the inevitable rise of quantum computing means security teams are one step closer to...