68 matches found
[SECURITY] Fedora 35 Update: keepalived-2.2.4-2.fc35
Keepalived provides simple and robust facilities for load balancing and high availability to Linux system and Linux based infrastructures. The load balancing framework relies on well-known and widely used Linux Virtual Server IPVS kernel module providing Layer4 load balancing. Keepalived implemen...
Fedora: Security Advisory for keepalived (FEDORA-2021-255eff1bb5)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
NSA and CISA Release Guidance on Securing 5G Cloud Infrastructures
CISA has announced the joint National Security Agency NSA and CISA publication of the second of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part II: Securely Isolate Network Resources examines threats to 5G container-centric or hybrid container/virtual network, also known ...
NSA-CISA Series on Securing 5G Cloud Infrastructures
The National Security Agency NSA and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement provides recommendations for mitigating lateral movement attempts ...
Security Risks with Private 5G in Manufacturing Companies Part. 2
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...
Security Risks with Private 5G in Manufacturing Companies Part. 1
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...
Security Risks with Private 5G in Manufacturing Companies Part. 1
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...
VMware vCenter Server Information Disclosure Vulnerability (CNVD-2021-74279)
Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. An information disclosure vulnerabili...
Metarget - Framework Providing Automatic Constructions Of Vulnerable Infrastructures
1 Introduction Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. 1.1 Why Metarget? During security researches, we might find that the deployment of...
Rocke Group’s Malware Now Has Worm Capabilities
Researchers have identified an updated malware variant used by the cybercrime gang Rocke Group that targets cloud infrastructures with crypto-jacking attacks. The malware is called Pro-Ocean, which was first discovered in 2019, and has now been beefed-up with “worm” capabilities and rootkit...
Secure Cloud Infrastructures with Application Security
Watch this video to see how applications can be simplified with serverless technologies and how security and monitoring controls can be seamlessly maintained in these constrained environments...
Security Takeaways from the Great Work-from-Home Experiment
As states deal with re-opening and in some cases, re-closing, the reality is that for many organizations, remote work will play a significant role in business through 2020 and beyond. And so will increased cybercriminal activity, as demonstrated by a 131 percent increase in viruses and about 600...
Can Governments Defeat Nation-State Attacks on Critical Infrastructures?
For physical conflicts, we expect our government to protect us from nation-state adversaries. It turns out, though, that industrial enterprises are much better positioned to defeat most nation-state attacks on power plants, pipelines, and other critical infrastructures than governments are. For...
Critical VMware Bug Opens Up Corporate Treasure to Hackers
A critical information-disclosure bug in VMware’s Directory Service vmdir could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers. The vmdir is part of VMware’s vCenter Server product, which provides centralized management of virtualized hosts and...
Video Training Update, July 2019
The Qualys Training team released a major update to the Vulnerability Management Certified Training Course. We’ve also built out two new video libraries showing how to assess business process risk and how to secure cloud infrastructures in DevSecOps environments using AWS Golden AMI pipelines. An...
Man-In-The-Middle (MitM)
Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs provisioning and configuration management of predefined standard operating...
Unprotected Storage Of Credentials
Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs provisioning and configuration management of predefined standard operating...
Remote Code Execution
Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. A cross-site scripting XSS flaw was found in the way the Red Hat Satellite web interface...
Partner Perspectives: Endpoint Security Analytics with Sumo Logic and Carbon Black
As the threat landscape continues to expand, having end-to-end visibility across your modern application stack and cloud infrastructures is crucial. Customers cannot afford to have blind spots in their environment; and that includes data being ingested from third-party tools. With the industry...
Guide to Developing a National Cybersecurity Strategy—a resource for policymakers to respond to cybersecurity challenges
Nations from every corner of the world are increasingly leveraging digital transformation to grow their economies and empower businesses to improve services, including vital services provided by critical infrastructures. This adoption of new information communications technologies ICT has...