Resolving Availability vs. Security, a Constant Conflict in IT

Conflicting business requirements is a common problem – and you find it in every corner of an organization, including in information technology. Resolving these conflicts is a must, but it isn't always easy – though sometimes there is a novel solution that helps. In IT management there is a...

CVE-2021-30465

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

SUSE-SU-2020:2373-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: cobbler: - More old modules naming fixes bsc1169553 image-sync-formula: - Allow image-sync state on regular minion. Image sync state requires branch-network pillars to get the directory where to sync images. Use default /srv/saltboot if that pillar is missi...

Carbon Black Solutions Currently Compatible With Major OS Vendor Patches on Meltdown & Spectre

Recently, researchers have released details on two classes of vulnerabilities in modern CPU hardware. These vulnerabilities affect unprecedented numbers of systems and are some of the more difficult issues to address in recent history. These vulnerabilities, dubbed Meltdown and Spectre, may be...

9 Top Patch Management Practices for Businesses Security

9 Top Patch Management Practices for Businesses Security I've spent most of the past decade in information security, with a pretty big focus on incident response. It never ceases to amaze me how many security incidents pronounced hacks customers suffer as a result of unpatched systems. Patch...