What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
silicon.fr.webp 2024-03-13 10:20:56 How Uber optimised its Cassandra deployment (direct link) Decommissioning, repair, lightweight transactions... Uber looks back on some of the challenges it met while scaling Cassandra. Uber
GoogleSec.webp 2024-01-30 12:00:18 Effortlessly upgrade to Passkeys on Pixel phones with Google Password Manager
(direct link)
Posted by Sherif Hanna, Group Product Manager, Pixel Security. Helping Pixel owners upgrade to the easier, safer way to sign in. Your phone contains a lot of your personal information, from financial data to photos. Pixel phones are designed to help protect you and your data, and make security and privacy as easy as possible. This is why the Pixel team has been especially excited about passkeys, the easier, safer alternative to passwords. Passkeys are safer because they're unique to each account, and are more resistant against online attacks such as phishing. They're easier to use because there's nothing for you to remember: when it's time to sign in, using a passkey is as simple as unlocking your device with your face or fingerprint, or your PIN/pattern/password. Google is working to accelerate passkey adoption. We've launched support for passkeys on Google platforms such as Android and Chrome, and recently we announced that we're making passkeys a default option across personal Google Accounts. We're also working with our partners across the industry to make passkeys available on more websites and apps. Recently, we took things a step further. As part of last December's Pixel Feature Drop, we introduced a new feature to Google Password Manager: passkey upgrades. With this new feature, Google Password Manager will let you discover which of your accounts support passkeys, and help you upgrade with just a few taps. This new passkey upgrade experience is now available on Pixel phones (starting from Pixel 5a) as well as Pixel Tablet. Google Password Manager will incorporate these updates for other platforms in the future. Best of all, today we're happy to announce that we've teamed up with Adobe, Best Buy, DocuSign, eBay, Kayak, Money Forward, Nintendo, PayPal, Uber, Yahoo! Japan, and soon TikTok as well, to help bring you this easy passkey upgrade experience and usher you into the passwordless future.
If you have an account with one of these early launch partners, Google Password Manager on Pixel will helpfully guide you to the exact location on the partner's website or app where you can upgrade to a passkey. There's no need to manually hunt for the option in acc Mobile Uber ★★★
The_Hackers_News.webp 2024-01-23 20:03:00 VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates
(direct link)
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new findings from Infoblox reveal. The latest development demonstrates the "breadth of their activities and depth of their connections within the cybercrime industry," the company said,
Malware Threat Uber ★★★★
silicon.fr.webp 2024-01-15 09:55:48 How Uber deployed Kerberos at scale (direct link) In 2016, Uber began rolling out Kerberos, initially for its Hadoop platform. The scope has broadened considerably since. Uber ★★
silicon.fr.webp 2024-01-10 09:25:47 How Uber unified its configuration deployments (direct link) Uber has built a unified system for distributing its configuration updates. How is it architected, and what are the benefits? Uber ★★★
ProofPoint.webp 2024-01-09 11:57:12 The Concerning Rise in Identity-Centric Attacks: Trends and Facts
(direct link)
Identity threats are by no means a new type of crime. But in today's increasingly digitized world, there are more opportunities for bad actors to steal identities and engage in identity-centric attacks than ever before. Unfortunately, user identities are tough for businesses to protect. The fact that these types of attacks are skyrocketing is evidence of that: in the past year alone, the Identity Defined Security Alliance reports that a whopping 84% of companies experienced an identity-related security breach.  In this post, we'll take a look at identity attack statistics and trends and provide some recent case studies to illustrate how some attacks work. We'll also highlight one of the most important identity threat facts: that the human element plays a crucial role in the success of these attacks.   Understanding identity-centric attacks  There are many types of identity attacks. When most people think of these types of crimes, they often imagine traditional identity theft scenarios:  Financial identity theft, where a criminal gains access to a victim's financial data, like their credit card details, bank account numbers or Social Security number, to make unauthorized purchases, withdraw funds or open new accounts.   Tax identity theft, where a bad actor uses a victim's personal information to file false tax returns and claim refunds, diverting the money to their own accounts.  Employment identity theft, where a fraudster uses a victim's identity to get a job, potentially causing issues for that person when discrepancies arise in their employment and tax records.  But identity-based attacks also target enterprises and their online users. The cybercriminals behind these attacks might aim to steal sensitive data, siphon off funds, damage or disrupt systems, deploy ransomware or worse. Those are the types of identity attacks we're covering here.  
Identity threat trends and tactics  In short, identity-centric attacks are a practical calculation by bad actors: why would they invest their time and resources to build exploits to help them get in through a virtual back door when they can just walk through the front door?  But before they reap the rewards, they still have some legwork to do. Here are a few techniques that cybercriminals use to progress identity-based attacks against businesses and their users:  MFA bypass attacks. Many businesses today use multifactor authentication (MFA) to protect the accounts of their users. It's more secure than using passwords alone. But of course, bad actors have found new ways to bypass commonly used MFA methods. MFA fatigue attacks are one example.   People-activated malware. People often give life to malware when they fall for a phishing scam or other social engineering tactics. Malware can appear in the form of a .zip file, QR code, .html link, MS Office file and more; there are at least 60 known techniques to plant people-activated malware on corporate networks.  Active Directory (AD) attacks. Most enterprises today use AD as a primary method for directory services like user authentication and authorization. Cybercriminals are keen to target AD, which touches almost every place, person and device on a network. This approach works very well, too: more than half of identity-related breaches can be traced back to AD.  Cached credentials harvesting. Cached credentials are commonly stored on endpoints, in memory, in the registry, in a browser or on disk. Attackers use various tools and techniques to collect these credentials and gain access to more privileged identities. Once they have harvested these credentials, they can use them to move laterally and log into different applications.   Adversaries are likely to find a good "crop" when they are harvesting cached credentials. 
Recent research from Proofpoint found that more than one in 10 endpoints have exposed privileged account passwords, making it one of the most common identity risks.  Keep in mind that cybercriminals are always innovating, and they are quick to build or adopt tools that Ransomware Malware Tool Threat Studies Uber ★★
InfoSecurityMag.webp 2023-12-07 12:30:00 Liability Fears Damaging CISO Role, Says Former Uber CISO
(direct link)
Former Uber CISO Joe Sullivan says CISOs are thinking about themselves rather than the bigger picture due to the risk of personal liability
Uber ★★
Chercheur.webp 2023-12-04 12:05:33 AI and Trust
(direct link)
I trusted a lot today. I trusted my phone to wake me on time. I trusted Uber to arrange a taxi for me, and the driver to get me to the airport safely. I trusted thousands of other drivers on the road not to ram my car on the way. At the airport, I trusted ticket agents and maintenance engineers and everyone else who keeps airlines operating. And the pilot of the plane I flew. And thousands of other people at the airport and on the plane, any of whom could have attacked me. And all the people that prepared and served my breakfast, and the entire food supply chain—any of them could have poisoned me. When I landed here, I trusted thousands more people: at the airport, on the road, in this building, in this room. And that was all before 10:30 this morning...
Uber ★★
DarkReading.webp 2023-11-29 23:00:00 XM Cyber Launches Kubernetes Exposure Management to Intelligently Protect Critical Container Environments
(direct link)
Uber ★★
globalsecuritymag.webp 2023-11-28 20:42:54 XM Cyber Launches New Kubernetes Exposure Management
(direct link)
XM Cyber Launches New Kubernetes Exposure Management to Intelligently Protect Critical Container Environments. Extending its industry-leading XM Attack Graph Analysis™ to Kubernetes, XM Cyber is the first and only exposure management solution that works across hybrid environments - Product Reviews
Uber ★★
DarkReading.webp 2023-11-28 19:57:00 Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds
(direct link)
Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case.
Data Breach Legislation Uber ★★★
ProofPoint.webp 2023-11-27 09:26:51 8 Essential Cybersecurity Topics to Include in Your Training Program
(direct link)
Your employees have a critical role to play as a first line of defense against cyberthreats. But to be effective, they need to know what those threats are, and stay apprised of how they're evolving.  A comprehensive security awareness program is the key to helping your users grow their understanding of attackers' methods and objectives so they can become more proactive defenders. That includes knowing what strategies malicious actors employ to manipulate people so they can use them to enable their campaigns.  The importance of security awareness   It's well worth taking the time to craft a meaningful and engaging security awareness program. By presenting the right mix of information to your users in a compelling way, you can empower them to help you improve your organization's security posture as well as create a more robust security culture overall.   The cybersecurity topics that you include in your program should be relevant to your business and industry, of course. Companies face different cyberthreat challenges and regulatory compliance requirements related to data protection and data privacy. That said, there are several subjects that almost any modern business, regardless of its industry, will want to ensure its employees understand.   We list eight of these cybersecurity topics below. They are the go-to approaches and tools that attackers around the world commonly use to compromise users and their accounts, disrupt normal business operations, steal money or data, and do other damage.   Here's a high-level overview of these eight must-know cybersecurity topics:  1. Social engineering  Social engineering is a collection of techniques malicious actors use to manipulate human psychology. Attackers rely on these strategies to trick or threaten users into taking actions such as giving up account credentials, handing over sensitive data, running malicious code and transferring funds. 
They do this by taking advantage of users':  Emotions, by conveying a sense of urgency, generating excitement about an opportunity, or creating fear around losing money or doing something wrong  Trust, by posing as someone familiar to the user or a trusted brand or authority, such as the Internal Revenue Service (IRS), UPS, Amazon or Microsoft  Fatigue, by timing attacks when users are likely to be tired or distracted and more inclined to let their "emotional mind" guide their decision-making  Common social engineering tactics include phishing, which we cover in the next section, and these others:   Social media reconnaissance. Attackers often turn to social media to gather information about users that they target with their campaigns. These efforts can include direct outreach to users.  Vishing (voice phishing) and smishing (SMS/text phishing). Vishing is the fraudulent practice of making phone calls or leaving voice messages purporting to be from a trusted brand or authority. With smishing, attackers use text messages to send SMS messages to users or robocall them. The messages often promise gifts or services in exchange for payment.   Telephone-oriented attack delivery (TOAD). TOAD attacks start with an email that claims to be from a legitimate source and includes a phone number for customer assistance. Callers are connected to fake customer service representatives who then direct the victim through the attack. They may instruct the victim to let them access their machine remotely or download a file that turns out to be malware. Or they might direct them to a phishing site.  Common sense can go a long way toward preventing a social engineering attack. Make sure to reiterate that if a message seems too good to be true, it's very likely a scam. And if something doesn't look or sound right, it probably isn't.  2. Phishing  Phishing is an example of social engineering. Most phishing messages are sent by email. 
But some attackers deliver these messages through other methods, including smishing and vishing. Here are some typical strategies:  Malicious links. When a user clicks on a Ransomware Malware Tool Vulnerability Threat Mobile Cloud Uber ★★
The_Hackers_News.webp 2023-11-24 12:14:00 Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
(direct link)
Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. "These encoded Kubernetes configuration secrets were uploaded to public repositories," Aqua security researchers Yakir Kadkoda and Assaf Morag said in new research published earlier this week. Some of those impacted include two top blockchain
Uber ★★★
SecurityWeek.webp 2023-11-22 16:48:24 Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
(direct link)
Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this "ticking supply chain attack bomb."
Uber ★★
DarkReading.webp 2023-11-22 16:15:25 Rootkit Turns Kubernetes from Orchestration to Subversion
(direct link)
Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference.
Conference Uber ★★
ProofPoint.webp 2023-11-21 08:35:02 Preventing MFA Fatigue Attacks: Safeguarding Your Organization
(direct link)
Gaining access to critical systems and stealing sensitive data are top objectives for most cybercriminals. Social engineering and phishing are powerful tools to help them achieve both. That's why multifactor authentication (MFA) has become such an important security measure for businesses and users. Without MFA as part of the user authentication process, it is much less challenging for an attacker with stolen credentials to authenticate to a user's account.  The primary goal of MFA is to reduce the risk of unauthorized access, especially in situations where passwords alone may not provide enough protection. Even if an attacker steals a user's password, with MFA they still need the second factor (and maybe others) to gain access to an account. Examples of MFA factors include biometrics, like fingerprints, and signals from user devices, like GPS location.   MFA isn't a perfect solution, though: it can be bypassed. Adversaries are relentless in their efforts to undermine any security defenses standing in the way of their success. (The evolution of phish kits for stealing MFA tokens is evidence of that.) But sometimes, attackers will choose to take an in-your-face approach that is not very creative or technical. MFA fatigue attacks fall into that category.  What are MFA fatigue attacks, and how do they work?  MFA fatigue attacks, also known as MFA bombing or MFA spamming, are a form of social engineering. They are designed to wear down a user's patience so that they will accept an MFA request out of frustration or annoyance, and thus enable an attacker to access their account or device.  Many people encounter MFA requests daily, or even multiple times per day, as they sign in to various apps, sites, systems and platforms. Receiving MFA requests via email, phone or other devices as part of that process is a routine occurrence.   
So, it is logical for a user to assume that if they receive a push notification from an account that they know requires MFA, it is a legitimate request. And if they are very busy at the time that they receive several push notifications in quick succession to authenticate an account, they may be even more inclined to accept a request without scrutinizing it.  Here's an overview of how an MFA fatigue attack works:  A malicious actor obtains the username and password of their target. They can achieve this in various ways, from password-cracking tactics like brute-force attacks to targeted phishing attacks to purchasing stolen credentials on the dark web.  The attacker then starts to send MFA notifications to the user continuously, usually via automation, until that individual feels overwhelmed and approves the login attempt just to make the requests stop. (Usually, the push notifications from MFA solutions require the user to simply click a "yes" button to authenticate from the registered device or email account.)  Once the attacker has unauthorized access to the account, they can steal sensitive data, install malware and do other mischief, including impersonating the user they have compromised, taking their actions as far as they can or want to go.  3 examples of successful MFA fatigue attacks  To help your users understand the risk of these attacks, you may want to include some real-world examples in your security awareness program on this topic. Here are three notable incidents, which are all associated with the same threat actor:  Uber. In September 2022, Uber reported that an attacker affiliated with the threat actor group Lapsus$ had compromised a contractor's account. The attacker may have purchased corporate account credentials on the dark web, Uber said in a security update. The contractor received several MFA notifications as the attacker tried to access the account, and eventually accepted one. 
After the attacker logged in to the account, they proceeded to access other accounts, achieving privilege escalation. One action the attacker took was to reconfigure Uber's OpenDNS to display a graphic image on some of the company's internal sites.  Cisco. Cisco suffer Ransomware Data Breach Malware Tool Threat Technical Uber ★★★
The_Hackers_News.webp 2023-11-17 16:00:00 Discover 2023's Cloud Security Strategies in Our Upcoming Webinar - Secure Your Spot
(direct link)
In 2023, the cloud isn't just a technology, it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an exclusive webinar: 'Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.' Join us for an
Cloud Uber ★★
AWS.webp 2023-11-14 19:37:41 CVE-2023-5528 (direct link) Publication Date: 2023/11/14 11:30 AM PDT AWS is aware of CVE-2023-5528, an issue in Kubernetes. Amazon EKS optimized Windows AMIs are not affected by the issue because the Kubernetes local-storage storage class type is disabled on the EKS Windows AMI. As a security best practice, we recommend that EKS customers update their configurations to launch new worker nodes from the latest AMI version. Customers using managed node groups can upgrade their node groups by referring to the EKS documentation. Please refer to the EKS documentation to replace the existing instances in your self-managed worker nodes with the new AMI version. Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
Uber
RecordedFuture.webp 2023-11-13 21:58:00 Ransomware attack on Ohio city impacts multiple services
(direct link)
A ransomware attack on Huber Heights, Ohio, is causing significant problems for several city systems. The community of nearly 45,000 residents outside of Dayton released a notice on Sunday warning that its systems were hit with ransomware at around 8 a.m. "While public safety services are not impacted, the following city divisions are affected: Zoning,
Ransomware Uber ★★
silicon.fr.webp 2023-11-13 10:10:19 GKE and Anthos are now one at Google Cloud (direct link) With GKE Enterprise, Google Cloud integrates its Anthos platform (hybrid cloud management) into the interface of its managed Kubernetes service. Cloud Uber ★★
globalsecuritymag.webp 2023-11-07 12:12:40 Perifery™ announced the launch of Perifery OpenEBS PRO
(direct link)
Perifery OpenEBS PRO Revolutionizes Kubernetes Datastore. New Enterprise-Grade Solution Offers Breakthrough Performance, Resiliency, Security, and Support for Stateful Workloads - Product Reviews
Uber ★★
DarkReading.webp 2023-11-06 19:59:00 Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM
(direct link)
Vulnerability Uber ★★
CVE.webp 2023-11-06 19:15:09 CVE-2023-46254 (direct link) capsule-proxy is a reverse proxy for the Capsule Kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example, consider two tenants `solar` and `wind`. Tenant `solar` is owned by a ServiceAccount named `tenant-owner` in the Namespace `solar`. Tenant `wind` is owned by a ServiceAccount named `tenant-owner` in the Namespace `wind`. The owner of Tenant `solar` would be able to list the namespaces of Tenant `wind` and vice versa, although this is not correct. The bug introduces an exfiltration vulnerability since it allows the listing of Namespace resources of other Tenants, although only under some specific conditions: 1. `capsule-proxy` runs with `--disable-caching=false` (default value: `false`) and 2. Tenant owners are ServiceAccounts with the same resource name, but in different Namespaces. This vulnerability doesn't allow any privilege escalation on the other tenant's Namespace-scoped resources, since Kubernetes RBAC enforces this. This issue has been addressed in version 0.4.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Vulnerability Uber
globalsecuritymag.webp 2023-11-06 15:05:54 Tigera announced upgrades to Calico Open Source and Calico Cloud (direct link)
Tigera Introduces Powerful Enhancements to Calico Open Source and Calico Cloud to Elevate Security, Scalability and Performance • Calico Cloud's Security Score and Recommended Actions provide an unparalleled view of security risks, enabling enterprises to identify and mitigate them swiftly. • Streamlined autoscaling with Windows HostProcess Container support simplifies Kubernetes operations, saving time and resources. • IPv6 support for eBPF in Calico empowers enterprises to enhance the performance and scalability of their applications, ensuring they meet the demands of modern workloads. • Enhanced observability with VxLAN for cluster mesh offers a scalable solution for multi-cluster deployments, enhancing visibility and security. - Product Reviews
Cloud Uber ★★
InfoSecurityMag.webp 2023-11-06 13:00:00 Over Half of Users Report Kubernetes/Container Security Incidents (direct link)
Many say it led to a subsequent data breach
Data Breach Uber ★★★
CVE.webp 2023-11-03 18:15:08 CVE-2023-3893 (direct link) A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.
Uber
silicon.fr.webp 2023-11-03 13:50:21 Network management on Kubernetes: the Gateway API is now stable (direct link) A more "flexible" alternative to Ingress controllers, the Kubernetes project's Gateway API is now stable. Uber ★★
RecordedFuture.webp 2023-11-02 13:39:00 Republican senator continues blocking military picks, including cyber leaders (direct link)
Sen. Tommy Tuberville on Wednesday refused to yield to his Republican colleagues and lift his months-long hold on nearly 400 senior military promotions, including several nominees for key cybersecurity posts. Ultimately, Tuberville stood and objected to 61 nominees that a group of GOP senators, led by Dan Sullivan (AK), tried to confirm by unanimous consent,
Uber ★★
The_State_of_Security.webp 2023-11-02 03:48:30 Container Security Essentials: Vulnerability Scanning and Change Detection Explained (direct link)
Containers offer a streamlined application deployment and management approach. Thanks to their efficiency and portability, platforms like Docker and Kubernetes have become household names in the tech industry. However, a misconception lurks in the shadows as containers gain popularity - the belief that active vulnerability scanning becomes redundant once containers are implemented. This blog will shed light on this myth and explore the importance of vulnerability management and change detection in containerized environments. Containers: The Basics Before diving into container security, let's...
Vulnerability Uber ★★
CVE.webp 2023-11-02 03:15:10 CVE-2023-5408 (direct link) A privilege escalation flaw was found in the node restriction admission plugin of the Kubernetes API server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
Uber
CVE.webp 2023-10-31 21:15:08 CVE-2023-3955 (direct link) A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.
Uber
CVE.webp 2023-10-31 21:15:08 CVE-2023-3676 (direct link) A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.
Uber
RecordedFuture.webp 2023-10-31 09:00:00 White House hosts Counter Ransomware Initiative summit, with a focus on not paying hackers (direct link)
The third annual White House-led counter ransomware summit convening 48 countries, the European Union and Interpol launches in Washington today, featuring several new elements including a pledge from most member states not to pay ransoms and a project to leverage artificial intelligence to analyze blockchains, according to Deputy National Security Advisor for Cyber and Emerging
Ransomware Legislation Uber ★★★
CyberWarzone.webp 2023-10-30 14:57:11 Taiwan Preparing for Cyberwarfare Amid Escalating Tensions with China, Says US Security Official (direct link)
As tensions between Taiwan and China reach a boiling point, Taiwan is girding itself for a potential cyberwarfare scenario, according to Anne Neuberger, US Deputy [more...]
Uber ★★★
The_Hackers_News.webp 2023-10-30 12:16:00 Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes (direct link)
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller CVE-2023-5043 (
Vulnerability Threat Uber ★★★
Checkpoint.webp 2023-10-27 13:00:34 Getting to Know: Kim Forsthuber (direct link)
Kim Forsthuber is a Channel Specialist at Check Point Software Technologies. As a Channel Specialist, Kim works closely with Check Point's partners to develop and execute strategic marketing and sales plans for the Harmony portfolio. Prior to Check Point, Kim worked at the United Foundation for China's Health, Siemens, Autotask Corporation and Draper House, among others. She holds an MBA in International Management from Munich Business School and a Bachelor of Arts in Media and Communications from the University of London. Kim, you've worked in healthcare, logistics, and public relations. How did you get into cybersecurity? My journey into […]
Uber ★★
CVE.webp 2023-10-27 08:15:31 CVE-2023-46194 (direct link) Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin Vulnerability Uber
AlienVault.webp 2023-10-26 10:00:00 Ensuring robust security of a containerized environment (direct link) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In today’s rapidly evolving digital landscape, containerized microservices have become the lifeblood of application development and deployment. Resembling miniature virtual machines, these entities enable efficient code execution in any environment, be it an on-premises server, a public cloud, or even a laptop. This paradigm eliminates the criteria of platform compatibility and library dependency from the DevOps equation. As organizations embrace the benefits of scalability and flexibility offered by containerization, they must also take up the security challenges intrinsic to this software architecture approach. This article highlights key threats to container infrastructure, provides insights into relevant security strategies, and emphasizes the shared responsibility of safeguarding containerized applications within a company. Understanding the importance of containers for cloud-native applications Containers play a pivotal role in streamlining and accelerating the development process. Serving as the building blocks of cloud-native applications, they are deeply intertwined with four pillars of software engineering: the DevOps paradigm, CI/CD pipeline, microservice architecture, and frictionless integration with orchestration tools. Orchestration tools form the backbone of container ecosystems, providing vital functionalities such as load balancing, fault tolerance, centralized management, and seamless system scaling. Orchestration can be realized through diverse approaches, including cloud provider services, self-deployed Kubernetes clusters, container management systems tailored for developers, and container management systems prioritizing user-friendliness.
The container threat landscape According to recent findings of Sysdig, a company specializing in cloud security, a whopping 87% of container images have high-impact or critical vulnerabilities. While 85% of these flaws have a fix available, they can’t be exploited because the hosting containers aren’t in use. That said, many organizations run into difficulties prioritizing the patches. Rather than harden the protections of the 15% of entities exposed at runtime, security teams waste their time and resources on loopholes that pose no risk. One way or another, addressing these vulnerabilities requires the fortification of the underlying infrastructure. Apart from configuring orchestration systems properly, it’s crucial to establish a well-thought-out set of access permissions for Docker nodes or Kubernetes. Additionally, the security of containers hinges on the integrity of the images used for their construction. Guarding containers throughout the product life cycle A container\'s journey encompasses three principal stages. The initial phase involves constructing the container and subjecting it to comprehensive functional and load tests. Subsequently, the container is stored in the image registry, awaiting its moment of execution. The third stage, container runtime, occurs when the container is launched and operates as intended. Early identification of vulnerabilities is vital, and this is where the shift-left security principle plays a role. It encourages an intensified focus on security from the nascent stages of the product life cycle, encompassing the design and requirements gathering phases. By incorporating automated security checks within the CI/CD pipeline, developers can detect security issues early and minimize the chance of security gap Tool Vulnerability Threat Cloud Uber ★★★
CVE.webp 2023-10-25 20:15:18 CVE-2023-5044 (direct link) Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.
Uber
RecordedFuture.webp 2023-10-24 19:00:00 Neuberger: New global initiatives will include information sharing, ransomware payment tracking (direct link)
A global coalition of government cybersecurity leaders will announce efforts to boost information sharing about digital threats and take on nefarious cryptocurrency payments when they convene in Washington next week, a senior White House official said on Tuesday. The Biden administration is set to host officials from 50 countries next week for its International Counter
Ransomware Uber ★★★
AlienVault.webp 2023-10-23 19:00:00 Cybersecurity as a Service: A new, flexible model for security program development and operation (direct link)
Cybersecurity services are changing, especially cybersecurity consulting. Vendors are quickly adapting service delivery models as they look to better support digital-first business, and security leaders are tasked with driving business innovation and growth by going faster, being more agile, and doing more with fewer people. New models like “Cybersecurity as a Service” are emerging, aimed at addressing such challenges. Watch this brand new video short and learn how it all works from AT&T Cybersecurity consultant Bindu Sundaresan. Dave Gruber of Enterprise Strategy Group (ESG) interviews Bindu in this video to break it down:
Uber ★★
silicon.fr.webp 2023-10-20 12:32:52 Kubernetes, but simpler? Microsoft unveils an overlay (direct link) With the open source Radius project, Microsoft intends to promote the platform engineering approach on Kubernetes. Uber ★★
Chercheur.webp 2023-10-19 11:08:36 Former Uber CISO Appealing His Conviction (direct link)
Joe Sullivan, Uber’s CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company’s data security and privacy practices. The government argued that Sullivan should have informed the FTC of the 2016 incident, but instead went out of his way to conceal it from them. Prosecutors also accused Sullivan of attempting to conceal the breach itself by paying $100,000 to buy the silence of the two hackers behind the compromise. Sullivan had characterized the payment as a bug bounty similar to ones that other companies routinely make to researchers who report vulnerabilities and other security issues to them. His lawyers pointed out that Sullivan had made the payment with the full knowledge and blessing of Travis Kalanick, Uber’s CEO at the time, and other members of the ride-sharing giant’s legal team...
Vulnerability Uber ★★
globalsecuritymag.webp 2023-10-19 08:04:38 Cybersecurity Awareness Month: the MrBeast case as seen by Tenable (direct link) As part of Cybersecurity Awareness Month, held every October, and in the face of the many impersonations on social networks, Satnam Narang, senior staff research engineer at Tenable, looked at a telling example: the case of the YouTuber MrBeast. - Points of View General Information Uber ★★
SecurityWeek.webp 2023-10-13 12:23:49 In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty (direct link)
In Other
Uber ★★
DarkReading.webp 2023-10-12 13:00:00 Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach (direct link)
Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.
Data Breach Uber ★★★
DarkReading.webp 2023-10-11 19:25:11 Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear (direct link)
Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.
Uber ★★★
Google.webp 2023-10-10 17:37:33 GCP-2023-030 (direct link) Published: 2023-10-10 Description Vulnerability Uber
CVE.webp 2023-10-09 20:15:10 CVE-2023-44392 (direct link) Garden provides automation for Kubernetes development and testing. Prior to versions 0.13.17 and 0.12.65, Garden has a dependency on the cryo library, which is vulnerable to code injection due to an insecure implementation of deserialization. Garden stores serialized objects using cryo in Kubernetes `ConfigMap` resources prefixed with `test-result` and `run-result` to cache Garden test and run results. These `ConfigMaps` are stored either in the `garden-system` namespace or the configured user namespace. When a user invokes the command `garden test` or `garden run`, objects stored in the `ConfigMap` are retrieved and deserialized. This can be used by an attacker with access to the Kubernetes cluster to store malicious objects in the `ConfigMap`, which can trigger remote code execution on the user's machine when cryo deserializes the object. In order to exploit this vulnerability, an attacker must have access to the Kubernetes cluster used to deploy Garden remote environments. Further, a user must actively invoke either a `garden test` or `garden run` which has previously cached results. The issue has been patched in Garden versions `0.13.17` (Bonsai) and `0.12.65` (Acorn). Only Garden versions prior to these are vulnerable. No known workarounds are available.
Uber
Last update at: 2024-04-27 16:08:17