882 matches found

Github Security Blog
added 2024/02/02 6:11 p.m. | 38 views

Talos Linux ships runc vulnerable to the escape to the host attack

Impact Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious...

8.6 CVSS | 9.3 AI score | 0.16775 EPSS
Exploits 18 | References 2 | Affected Software 1
Wiz blog
added 2024/01/30 5:13 p.m. | 16 views

Wiz recognized with top score for the current offering category in The Forrester Wave™: Cloud Workload Security, Q1, 2024

Learn why Forrester recognized Wiz as the top ranked in the current offering category on the market out of the top 13 providers, and how their analysis connects with the Wiz vision...

7.2 AI score
Exploits 0
HackRead
added 2024/01/30 2:0 p.m. | 8 views

Aembit Teams Up with CrowdStrike for Secure Workload Access

By cyberwire Aembit Announces New Workload IAM Integration with CrowdStrike to Help Enterprises Secure Workload-to-Workload Access. This is a post from HackRead.com Read the original post: Aembit Teams Up with CrowdStrike for Secure Workload Access...

7.2 AI score
Exploits 0
Debian
added 2024/01/28 12:38 p.m. | 21 views

[SECURITY] [DSA 5609-1] slurm-wlm security update

Debian Security Advisory DSA-5609-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 28, 2024 https://www.debian.org/security/faq -...

9.8 CVSS | 9.8 AI score | 0.01375 EPSS
Exploits 0
OSV
added 2024/01/23 9:15 p.m. | 2 views

CVE-2023-52338

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged cod...

7.8 CVSS | 6 AI score | 0.0031 EPSS
Exploits 0 | References 2
NVD
added 2024/01/23 9:15 p.m. | 16 views

CVE-2023-52338

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged cod...

7.8 CVSS | 7.8 AI score | 0.0031 EPSS
Exploits 0 | References 2
Prion
added 2024/01/23 9:15 p.m. | 18 views

Improper access control

An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileg...

4.3 CVSS | 7.4 AI score | 0.00242 EPSS
Exploits 0 | References 2 | Affected Software 2
Vulnrichment
added 2024/01/23 8:43 p.m. | 18 views

CVE-2023-52338

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged cod...

7.1 AI score | 0.0031 EPSS
Exploits 0 | References 2
CVE
added 2024/01/23 8:43 p.m. | 67 views

CVE-2023-52338

CVE-2023-52338 affects Trend Micro Deep Security v20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent. The vulnerability is a local privilege escalation via a link-following flaw in the Anti-Malware/Deep Security component, requiring the attacker to already run low-privilege cod...

7.8 CVSS | 7.7 AI score | 0.0031 EPSS
Exploits 0 | References 2 | Affected Software 2
CNNVD
added 2024/01/23 12:0 a.m. | 4 views

Trend Micro Deep Security Security Vulnerabilities

Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent that stems from an improper access control vulnerability. It could allow a...

7.8 CVSS | 6.5 AI score | 0.00242 EPSS
Exploits 0 | References 3
CNNVD
added 2024/01/23 12:0 a.m. | 3 views

Trend Micro Deep Security Security Vulnerabilities

Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent. It could allow a local attacker to elevate privileges on an affected...

7.8 CVSS | 6.5 AI score | 0.0031 EPSS
Exploits 0 | References 3
OSV
added 2023/12/05 5:15 p.m. | 2 views

CVE-2023-45085

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads tha...

3.3 CVSS | 5.8 AI score
Exploits 0 | References 1
Cvelist
added 2023/12/05 4:15 p.m. | 13 views

CVE-2023-45085 When compute hosts are disabled and reenabled, they immediately transition to "ON", not "INIT"

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads tha...

3.2 CVSS | 4.3 AI score | 0.00213 EPSS
Exploits 0 | References 1
CNNVD
added 2023/12/05 12:0 a.m. | 2 views

SoftIron HyperCloud Security Vulnerability

SoftIron HyperCloud is an intelligent cloud architecture from SoftIron. A security vulnerability exists in SoftIron HyperCloud versions prior to 2.0.0 to 2.0.3, which stems from the fact that compute nodes can come online without being properly initialized, resulting in workloads being deployed t...

3.3 CVSS | 4.7 AI score | 0.00213 EPSS
Exploits 0 | References 1
NVD
added 2023/11/02 3:15 a.m. | 17 views

CVE-2023-5408

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the clust...

7.2 CVSS | 7.2 AI score | 0.01112 EPSS
Exploits 0 | References 7
Wallarm Lab
added 2023/10/31 7:48 p.m. | 24 views

What is a Cloud Native Application Protection Platform CNAPP ?

Revealing the Secrets of the Cloud-specific Application Safety Platform CSASP In the landscape of online safety, the notion of the Cloud-specific Application Safety Platform CSASP is something relatively unheard of, but rapidly gaining popularity. Intuitively from its name, CSASP is a system...

7.6 AI score
Exploits 0
Wiz blog
added 2023/10/23 4:34 p.m. | 31 views

Wiz recognized as a 2023 Frost & Sullivan Radar Leader in Cloud Workload Protection Platform

In its 2023 Frost Radar™ analysis, Frost & Sullivan identified the top companies in the Global Cloud Workload Protection Platform CWPP market. Wiz is honored to be included on the list!...

6.9 AI score
Exploits 0
Tenable Nessus
added 2023/10/18 12:0 a.m. | 70 views

Oracle WebCenter Portal Multiple Vulnerabilities (October 2023 CPU)

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the October 2023 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component:...

9.8 CVSS | 6.5 AI score | 0.06873 EPSS
Exploits 4 | References 8
Prion
added 2023/09/27 3:19 p.m. | 21 views

Code injection

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

2.7 CVSS | 4 AI score | 0.00448 EPSS
Exploits 1 | References 2 | Affected Software 1
IBM Security Bulletins
added 2023/09/22 10:46 a.m. | 9 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server (CVE-2023-35890) shipped with IBM Workload Scheduler 9.4

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Workload Scheduler, which results in IBM Workload Scheduled being impacted by this vulnerability. IBM WebSphere Application Server traditional is vulnerable to a vulnerability that could provide weaker than expected...

5.5 CVSS | 5.3 AI score | 0.00116 EPSS
Exploits 0 | Affected Software 1