www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It is a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-10T10:58:45+00:00 www.secnews.physaphae.fr

Silicon - French News Site: How Uber optimized its Cassandra deployment
2024-03-13T10:20:56+00:00 https://www.silicon.fr/comment-uber-optimise-deploiement-cassandra-476798.html www.secnews.physaphae.fr/article.php?IdArticle=8463113 False None Uber 1.00000000000000000000

GoogleSec - Firm Security Blog: Effortlessly upgrade to Passkeys on Pixel phones with Google Password Manager
passkeys, the easier, safer alternative to passwords. Passkeys are safer because they're unique to each account, and are more resistant against online attacks such as phishing. They're easier to use because there's nothing for you to remember: when it's time to sign in, using a passkey is as simple as unlocking your device with your face or fingerprint, or your PIN/pattern/password. Google is working to accelerate passkey adoption. We've launched support for passkeys on Google platforms such as Android and Chrome, and recently we announced that we're making passkeys a default option across personal Google Accounts. We're also working with our partners across the industry to make passkeys available on more websites and apps. Recently, we took things a step further. As part of last December's Pixel Feature Drop, we introduced a new feature to Google Password Manager: passkey upgrades. With this new feature, Google Password Manager will let you discover which of your accounts support passkeys, and help you upgrade with just a few taps. This new passkey upgrade experience is now available on Pixel phones (starting from Pixel 5a) as well as Pixel Tablet. Google Password Manager will incorporate these updates for other platforms in the future.
Best of all, today we're happy to announce that we've teamed up with Adobe, Best Buy, DocuSign, eBay, Kayak, Money Forward, Nintendo, PayPal, Uber, Yahoo! Japan, and soon TikTok as well, to help bring you this easy passkey upgrade experience and usher you into the passwordless future. If you have an account with one of these early launch partners, Google Password Manager on Pixel will helpfully guide you to the exact location on the partner's website or app where you can upgrade to a passkey. There's no need to manually hunt for the option in acc
2024-01-30T12:00:18+00:00 http://security.googleblog.com/2024/01/upgrade-to-passkeys-on-pixel-with-google-password-manager.html www.secnews.physaphae.fr/article.php?IdArticle=8444905 False Mobile Uber 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?): VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new findings from Infoblox reveal. The latest development demonstrates the "breadth of their activities and depth of their connections within the cybercrime industry," the company said,
2024-01-23T20:03:00+00:00 https://thehackernews.com/2024/01/vextrio-uber-of-cybercrime-brokering.html www.secnews.physaphae.fr/article.php?IdArticle=8442148 False Malware,Threat Uber 4.0000000000000000

Silicon - French News Site: How Uber deployed Kerberos at scale
2024-01-15T09:55:48+00:00 https://www.silicon.fr/uber-kerberos-echelle-474935.html www.secnews.physaphae.fr/article.php?IdArticle=8439184 False None Uber 2.0000000000000000

Silicon - French News Site: How Uber unified its configuration deployments
2024-01-10T09:25:47+00:00 https://www.silicon.fr/uber-deploiements-configuration-474821.html www.secnews.physaphae.fr/article.php?IdArticle=8437467 False None Uber 3.0000000000000000

ProofPoint - Cyber Firms: The Concerning Rise in Identity-Centric Attacks: Trends and Facts
2024-01-09T11:57:12+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/rise-in-identity-threats www.secnews.physaphae.fr/article.php?IdArticle=8437188 False Ransomware,Malware,Tool,Threat,Studies Uber 2.0000000000000000

InfoSecurity Mag - InfoSecurity Magazine: Liability Fears Damaging CISO Role, Says Former Uber CISO
Former Uber CISO Joe Sullivan says CISOs are thinking about themselves rather than the bigger picture due to the risk of personal liability
2023-12-07T12:30:00+00:00 https://www.infosecurity-magazine.com/news/liability-fears-damaging-ciso-role/ www.secnews.physaphae.fr/article.php?IdArticle=8419870 False None Uber 2.0000000000000000

Schneier on Security - American Cryptologist: AI and Trust
I trusted a lot today. I trusted my phone to wake me on time.
I trusted Uber to arrange a taxi for me, and the driver to get me to the airport safely. I trusted thousands of other drivers on the road not to ram my car on the way. At the airport, I trusted ticket agents and maintenance engineers and everyone else who keeps airlines operating. And the pilot of the plane I flew. And thousands of other people at the airport and on the plane, any of which could have attacked me. And all the people that prepared and served my breakfast, and the entire food supply chain—any of them could have poisoned me. When I landed here, I trusted thousands more people: at the airport, on the road, in this building, in this room. And that was all before 10:30 this morning...
2023-12-04T12:05:33+00:00 https://www.schneier.com/blog/archives/2023/12/ai-and-trust.html www.secnews.physaphae.fr/article.php?IdArticle=8418999 False None Uber 2.0000000000000000

Dark Reading - Informationweek Branch: XM Cyber Launches Kubernetes Exposure Management to Intelligently Protect Critical Container Environments
2023-11-29T23:00:00+00:00 https://www.darkreading.com/cloud-security/xm-cyber-launches-kubernetes-exposure-management-to-intelligently-protect-critical-container-environments www.secnews.physaphae.fr/article.php?IdArticle=8417934 False None Uber 2.0000000000000000

Global Security Mag - French news site: XM Cyber Launches New Kubernetes Exposure Management (product reviews)
XM Cyber Launches New Kubernetes Exposure Management to Intelligently Protect Critical Container Environments. Extending its industry-leading XM Attack Graph Analysis™ to Kubernetes, XM Cyber is the first and only exposure management solution that works across hybrid environments - Product Reviews
2023-11-28T20:42:54+00:00 https://www.globalsecuritymag.fr/XM-Cyber-Launches-New-Kubernetes-Exposure-Management.html www.secnews.physaphae.fr/article.php?IdArticle=8417625 False None Uber 2.0000000000000000
Dark Reading - Informationweek Branch: Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds
Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case.
2023-11-28T19:57:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/6-years-of-silence-former-uber-ciso-speaks-out-on-data-breach-solarwinds www.secnews.physaphae.fr/article.php?IdArticle=8417612 False Data Breach,Legislation Uber,Uber 3.0000000000000000

ProofPoint - Cyber Firms: 8 Essential Cybersecurity Topics to Include in Your Training Program
2023-11-27T09:26:51+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/cybersecurity-topics-to-include-in-your-program www.secnews.physaphae.fr/article.php?IdArticle=8417272 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud Uber,Uber 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?): Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in new research published earlier this week. Some of those impacted include two top blockchain
2023-11-24T12:14:00+00:00 https://thehackernews.com/2023/11/kubernetes-secrets-of-fortune-500.html www.secnews.physaphae.fr/article.php?IdArticle=8416507 False None Uber 3.0000000000000000

SecurityWeek - Security News: Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.”
2023-11-22T16:48:24+00:00 https://www.securityweek.com/researchers-discover-dangerous-exposure-of-sensitive-kubernetes-secrets/ www.secnews.physaphae.fr/article.php?IdArticle=8416018 False None Uber 2.0000000000000000
Dark Reading - Informationweek Branch: Rootkit Turns Kubernetes from Orchestration to Subversion
Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference.
2023-11-22T16:15:25+00:00 https://www.darkreading.com/vulnerabilities-threats/rootkit-turns-kubernetes-from-orchestration-to-subversion www.secnews.physaphae.fr/article.php?IdArticle=8417431 False Conference Uber 2.0000000000000000

Dark Reading - Informationweek Branch: Rootkit Turns Kubernetes From Orchestration to Subversion
Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference.
2023-11-22T16:15:25+00:00 https://www.darkreading.com/black-hat/rootkit-turns-kubernetes-from-orchestration-to-subversion www.secnews.physaphae.fr/article.php?IdArticle=8415996 False Conference Uber 2.0000000000000000

ProofPoint - Cyber Firms: Preventing MFA Fatigue Attacks: Safeguarding Your Organization
2023-11-21T08:35:02+00:00 https://www.proofpoint.com/us/blog/information-protection/preventing-mfa-fatigue-attacks www.secnews.physaphae.fr/article.php?IdArticle=8415409 False Ransomware,Data Breach,Malware,Tool,Threat,Technical Uber 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?): Discover 2023's Cloud Security Strategies in Our Upcoming Webinar - Secure Your Spot
In 2023, the cloud isn't just a technology, it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an exclusive webinar: 'Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.' Join us for an
2023-11-17T16:00:00+00:00 https://thehackernews.com/2023/11/discover-2023s-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8413333 False Cloud Uber 2.0000000000000000

Vuln AWS - AWS Vulnerability Feed: CVE-2023-5528
Publication Date: 2023/11/14 11:30 AM PDT. AWS is aware of CVE-2023-5528, an issue in Kubernetes. Amazon EKS optimized Windows AMIs are not affected by the issue because the Kubernetes local-storage storage class type is disabled on EKS Windows AMI. As a security best practice, we recommend that EKS customers update their configurations to launch new worker nodes from the latest AMI version. Customers using Managed node groups can upgrade their node groups by referring to the EKS documentation. Please refer to the EKS documentation to replace the existing instances of your self-managed worker nodes with the new AMI version. Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
2023-11-14T19:37:41+00:00 https://aws.amazon.com/security/security-bulletins/AWS-2023-012/ www.secnews.physaphae.fr/article.php?IdArticle=8412054 False None Uber None
Recorded Future - Recorded Future Feed: Ransomware attack on Ohio city impacts multiple services
A ransomware attack on Huber Heights, Ohio, is causing significant problems for several city systems. The community of nearly 45,000 residents outside of Dayton released a notice on Sunday warning that its systems were hit with ransomware at around 8 a.m. “While public safety services are not impacted the following city divisions are affected: Zoning,
2023-11-13T21:58:00+00:00 https://therecord.media/huber-heights-ohio-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8411334 False Ransomware Uber 2.0000000000000000
Silicon - French News Site: GKE and Anthos become one at Google Cloud
2023-11-13T10:10:19+00:00 https://www.silicon.fr/gke-enterprise-google-cloud-473295.html www.secnews.physaphae.fr/article.php?IdArticle=8410931 False Cloud Uber 2.0000000000000000

Global Security Mag - French news site: Perifery™ announced the launch of Perifery OpenEBS PRO (product reviews)
Perifery OpenEBS PRO Revolutionizes Kubernetes Datastore. New Enterprise-Grade Solution Offers Breakthrough Performance, Resiliency, Security, and Support for Stateful Workloads - Product Reviews
2023-11-07T12:12:40+00:00 https://www.globalsecuritymag.fr/Perifery-TM-announced-the-launch-of-Perifery-OpenEBS-PRO.html www.secnews.physaphae.fr/article.php?IdArticle=8407232 False None Uber 2.0000000000000000
Dark Reading - Informationweek Branch: Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM
2023-11-06T19:59:00+00:00 https://www.darkreading.com/cloud/aqua-security-introduces-industry-first-kubernetes-vulnerability-scanning-with-trivy-kbom www.secnews.physaphae.fr/article.php?IdArticle=8406780 False Vulnerability Uber 2.0000000000000000

CVE List - Common Vulnerability Exposure: CVE-2023-46254
capsule-proxy is a reverse proxy for the Capsule Kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example, consider two tenants `solar` and `wind`. Tenant `solar` is owned by a ServiceAccount named `tenant-owner` in the Namespace `solar`. Tenant `wind` is owned by a ServiceAccount named `tenant-owner` in the Namespace `wind`. The owner of Tenant `solar` would be able to list the namespaces of Tenant `wind` and vice versa, although this is not correct. The bug introduces an exfiltration vulnerability, since it allows the listing of Namespace resources of other Tenants, although only under some specific conditions: 1. `capsule-proxy` runs with `--disable-caching=false` (default value: `false`) and 2. Tenant owners are ServiceAccounts with the same resource name, but in different Namespaces. This vulnerability doesn't allow any privilege escalation on the other tenant's Namespace-scoped resources, since Kubernetes RBAC enforces this. This issue has been addressed in version 0.4.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-11-06T19:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46254 www.secnews.physaphae.fr/article.php?IdArticle=8406849 False Vulnerability Uber None

Global Security Mag - French news site: Tigera announced upgrades to Calico Open Source and Calico Cloud (product reviews)
Tigera Introduces Powerful Enhancements to Calico Open Source and Calico Cloud to Elevate Security, Scalability and Performance
• Calico Cloud's Security Score and Recommended Actions provide an unparalleled view of security risks, enabling enterprises to identify and mitigate them swiftly.
• Streamlined autoscaling with Windows HostProcess Container support simplifies Kubernetes operations, saving time and resources.
• IPv6 support for eBPF in Calico empowers enterprises to enhance the performance and scalability of their applications, ensuring they meet the demands of modern workloads.
• Enhanced observability with VxLAN for cluster mesh offers a scalable solution for multi-cluster deployments, enhancing visibility and security.
- Product Reviews
2023-11-06T15:05:54+00:00 https://www.globalsecuritymag.fr/Tigera-announced-upgrades-to-Calico-Open-Source-and-Calico-Cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8406674 False Cloud Uber 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine: Over Half of Users Report Kubernetes/Container Security Incidents
Many say it led to a subsequent data breach
2023-11-06T13:00:00+00:00 https://www.infosecurity-magazine.com/news/half-users-kubernetescontainer/ www.secnews.physaphae.fr/article.php?IdArticle=8406609 False Data Breach Uber 3.0000000000000000

CVE List - Common Vulnerability Exposure: CVE-2023-3893
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.
2023-11-03T18:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3893 www.secnews.physaphae.fr/article.php?IdArticle=8405517 False None Uber None

Silicon - French News Site: Network management on Kubernetes: the Gateway API is stabilized
2023-11-03T13:50:21+00:00 https://www.silicon.fr/reseau-kubernetes-api-gateway-stabilisee-473063.html www.secnews.physaphae.fr/article.php?IdArticle=8405329 False None Uber 2.0000000000000000

Recorded Future - Recorded Future Feed: Republican senator continues blocking military picks, including cyber leaders
Sen. Tommy Tuberville on Wednesday refused to yield to his Republican colleagues and lift his months-long hold on nearly 400 senior military promotions, including several nominees for key cybersecurity posts. Ultimately, Tuberville stood and objected to 61 nominees that a group of GOP senators, led by Dan Sullivan (AK), tried to confirm by unanimous consent,
2023-11-02T13:39:00+00:00 https://therecord.media/tommy-tuberville-military-nominations-blockade-cyber-leaders www.secnews.physaphae.fr/article.php?IdArticle=8404709 False None Uber 2.0000000000000000
The State of Security - American Magazine: Container Security Essentials: Vulnerability Scanning and Change Detection Explained
Containers offer a streamlined application deployment and management approach. Thanks to their efficiency and portability, platforms like Docker and Kubernetes have become household names in the tech industry. However, a misconception lurks in the shadows as containers gain popularity: the belief that active vulnerability scanning becomes redundant once containers are implemented. This blog will shed light on this myth and explore the importance of vulnerability management and change detection in containerized environments. Containers: The Basics. Before diving into container security, let's...
2023-11-02T03:48:30+00:00 https://www.tripwire.com/state-of-security/container-security-essentials-vulnerability-scanning-and-change-detection www.secnews.physaphae.fr/article.php?IdArticle=8404581 False Vulnerability Uber 2.0000000000000000

CVE List - Common Vulnerability Exposure: CVE-2023-5408
A privilege escalation flaw was found in the node restriction admission plugin of the Kubernetes API server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
2023-11-02T03:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5408 www.secnews.physaphae.fr/article.php?IdArticle=8404529 False None Uber None

CVE List - Common Vulnerability Exposure: CVE-2023-3676
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.
2023-10-31T21:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3676 www.secnews.physaphae.fr/article.php?IdArticle=8403764 False None Uber None

CVE List - Common Vulnerability Exposure: CVE-2023-3955
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.
2023-10-31T21:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3955 www.secnews.physaphae.fr/article.php?IdArticle=8403765 False None Uber None

Recorded Future - Recorded Future Feed: White House hosts Counter Ransomware Initiative summit, with a focus on not paying hackers
The third annual White House-led counter ransomware summit convening 48 countries, the European Union and Interpol launches in Washington today, featuring several new elements including a pledge from most member states not to pay ransoms and a project to leverage artificial intelligence to analyze blockchains, according to Deputy National Security Advisor for Cyber and Emerging
2023-10-31T09:00:00+00:00 https://therecord.media/white-house-counter-ransomware-initiative-summit-new-measure www.secnews.physaphae.fr/article.php?IdArticle=8403375 False Ransomware,Legislation Uber 3.0000000000000000
CyberWarzone - Cyber News: Taiwan Preparing for Cyberwarfare Amid Escalating Tensions with China, Says US Security Official
As tensions between Taiwan and China reach a boiling point, Taiwan is girding itself for a potential cyberwarfare scenario, according to Anne Neuberger, US Deputy
2023-10-30T14:57:11+00:00 https://cyberwarzone.com/taiwan-preparing-for-cyberwarfare-amid-escalating-tensions-with-china-says-us-security-official/ www.secnews.physaphae.fr/article.php?IdArticle=8402858 False None Uber 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?): Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller CVE-2023-5043 (
2023-10-30T12:16:00+00:00 https://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8402689 False Vulnerability,Threat Uber 3.0000000000000000

Checkpoint - Security Hardware Manufacturer: Getting to Know: Kim Forsthuber
Kim Forsthuber is a Channel Specialist at Check Point Software Technologies. As a Channel Specialist, Kim works closely with Check Point's partners to develop and execute strategic marketing and sales plans for the Harmony portfolio. Prior to Check Point, Kim worked at the United Foundation for China's Health, Siemens, Autotask Corporation and Draper House, among others. She holds an MBA in International Management from Munich Business School and a Bachelor of Arts in Media and Communications from the University of London. Kim, you've worked in healthcare, logistics, and public relations. How did you get into cybersecurity? My journey into […]
2023-10-27T13:00:34+00:00 https://blog.checkpoint.com/security/getting-to-know-kim-forsthuber/ www.secnews.physaphae.fr/article.php?IdArticle=8401447 False None Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure: CVE-2023-46194
2023-10-27T08:15:31+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46194 www.secnews.physaphae.fr/article.php?IdArticle=8401377 False Vulnerability Uber None

AlienVault Lab Blog - AlienVault is a major defense player in IOCs: Ensuring robust security of a containerized environment
CI/CD pipeline, microservice architecture, and frictionless integration with orchestration tools. Orchestration tools form the backbone of container ecosystems, providing vital functionalities such as load balancing, fault tolerance, centralized management, and seamless system scaling. Orchestration can be realized through diverse approaches, including cloud provider services, self-deployed Kubernetes clusters, container management systems tailored for developers, and container management systems prioritizing user-friendliness. The container threat landscape: according to recent findings of Sysdig, a company specializing in cloud security, a whopping 87% of container images have high-impact or critical vulnerabilities. While 85% of these flaws have a fix available, they can't be exploited because the hosting containers aren't in use. That said, many organizations run into difficulties prioritizing the patches. Rather than harden the protections of the 15% of entities exposed at runtime, security teams waste their time and resources on loopholes that pose no risk. One way or another, addressing these vulnerabilities requires the fortification of the underlying infrastructure. Apart from configuring orchestration systems properly, it's crucial to establish a well-thought-out set of access permissions for Docker nodes or Kubernetes. Additionally, the security of containers hinges on the integrity of the images used for their construction. Guarding containers throughout the product life cycle: a container's journey encompasses three principal stages. The initial phase involves constructing the container and subjecting it to comprehensive functional and load tests. Subsequently, the container is stored in the image registry, awaiting its moment of execution. The third stage, container runtime, occurs when the container is launched and operates as intended. Early identification of vulnerabilities is vital, and this is where the shift-left security principle plays a role. It encourages an intensified focus on security from the nascent stages of the product life cycle, encompassing the design and requirements gathering phases. By incorporating automated security checks within the CI/CD pipeline, developers can detect security issues early and minimize the chance of security gap
2023-10-26T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/ensuring-robust-security-of-a-containerized-environment www.secnews.physaphae.fr/article.php?IdArticle=8400754 False Tool,Vulnerability,Threat,Cloud Uber 3.0000000000000000

CVE List - Common Vulnerability Exposure: CVE-2023-5044
Code injection via the nginx.ingress.kubernetes.io/permanent-redirect annotation.
2023-10-25T20:15:18+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5044 www.secnews.physaphae.fr/article.php?IdArticle=8400594 False None Uber None

Recorded Future - Recorded Future Feed: Neuberger: New global initiatives will include information sharing, ransomware payment tracking
A global coalition of government cybersecurity leaders will announce efforts to boost information sharing about digital threats and take on nefarious cryptocurrency payments when they convene in Washington next week, a senior White House official said on Tuesday. The Biden administration is set to host officials from 50 countries next week for its International Counter
2023-10-24T19:00:00+00:00 https://therecord.media/whiteh-house-global-initiatives-information-sharing-ransomware-tracking www.secnews.physaphae.fr/article.php?IdArticle=8399856 False Ransomware Uber 3.0000000000000000
AlienVault Lab Blog - Cybersecurity as a Service: A new, flexible model for security program development and operation
Cybersecurity services are changing, especially cybersecurity consulting. Vendors are quickly adapting their service delivery models to better support digital-first business, while security leaders are tasked with driving business innovation and growth by going faster, being more agile, and doing more with fewer people. New models like "Cybersecurity as a Service" are emerging to address these challenges. Watch this new video short to learn how it works from AT&T Cybersecurity consultant Bindu Sundaresan. Dave Gruber of Enterprise Strategy Group (ESG) interviews Bindu in this video to break it down:
2023-10-23T19:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/cybersecurity-as-a-service-a-new-flexible-model-for-security-program-development-and-operation
Silicon - Kubernetes, but simpler? Microsoft pulls out an overlay
2023-10-20T12:32:52+00:00 https://www.silicon.fr/radius-microsoft-kubernetes-472570.html

Schneier on Security - Former Uber CISO Appealing His Conviction
Joe Sullivan, Uber's CISO during its 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, with withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company's data security and privacy practices. The government argued that Sullivan should have informed the FTC of the 2016 incident, but instead went out of his way to conceal it from them. Prosecutors also accused Sullivan of attempting to conceal the breach itself by paying $100,000 to buy the silence of the two hackers behind the compromise. Sullivan had characterized the payment as a bug bounty similar to the ones other companies routinely pay to researchers who report vulnerabilities and other security issues to them. His lawyers pointed out that Sullivan had made the payment with the full knowledge and blessing of Travis Kalanick, Uber's CEO at the time, and other members of the ride-sharing giant's legal team...
2023-10-19T11:08:36+00:00 https://www.schneier.com/blog/archives/2023/10/former-uber-ciso-appealing-his-conviction.html
Global Security Mag - Cybersecurity Awareness Month: the MrBeast case as seen by Tenable
Opinion
2023-10-19T08:04:38+00:00 https://www.globalsecuritymag.fr/Mois-de-la-sensibilisation-a-la-cybersecurite-le-cas-de-MrBeast-vu-par-Tenable.html

SecurityWeek - In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty
2023-10-13T12:23:49+00:00 https://www.securityweek.com/in-other-news-ex-uber-security-chief-appeal-new-offerings-from-tech-giants-crypto-bounty/

Dark Reading - Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach
Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.
2023-10-12T13:00:00+00:00 https://www.darkreading.com/attacks-breaches/former-uber-ciso-appeals-conviction-over-2016-data-breach

Dark Reading - Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear
Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.
2023-10-11T19:25:11+00:00 https://www.darkreading.com/threat-intelligence/microsoft-chinese-apt-behind-atlassian-confluence-attacks-pocs-appear

Vuln GCP - GCP-2023-030
2023-10-10T17:37:33+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-030

CVE List - CVE-2023-44392
Garden provides automation for Kubernetes development and testing. Prior to versions 0.13.17 and 0.12.65, Garden has a dependency on the cryo library, which is vulnerable to code injection due to an insecure implementation of deserialization. Garden stores objects serialized with cryo in Kubernetes `ConfigMap` resources prefixed with `test-result` and `run-result` to cache Garden test and run results. These `ConfigMaps` are stored either in the `garden-system` namespace or in the configured user namespace. When a user invokes `garden test` or `garden run`, objects stored in the `ConfigMap` are retrieved and deserialized. An attacker with access to the Kubernetes cluster can use this to store malicious objects in the `ConfigMap`, which trigger remote code execution on the user's machine when cryo deserializes them. To exploit this vulnerability, an attacker must have access to the Kubernetes cluster used to deploy Garden remote environments, and a user must actively invoke either `garden test` or `garden run` for a command that has previously cached results. The issue has been patched in Garden versions `0.13.17` (Bonsai) and `0.12.65` (Acorn). Only Garden versions prior to these are vulnerable. No known workarounds are available.
2023-10-09T20:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44392

CVE List - CVE-2023-3361
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a Kubernetes secret.
2023-10-04T12:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3361

Korben - Get trained in Kubernetes with Ambient IT and obtain a free certification
2023-10-02T08:30:00+00:00 https://korben.info/kubernetes-ambien-it.html

Global Security Mag - Christophe Auberger, Fortinet: CISOs must develop their capacity to adapt and keep an eye on regulations
Interviews
2023-09-29T15:36:35+00:00 https://www.globalsecuritymag.fr/Christophe-Auberger-Fortinet-Les-RSSI-doivent-developper-des-facultes-d.html

SOC Radar - New Campaign Distributes Malicious npm and PyPI Packages to Pilfer Kubernetes Config, SSH Keys
Researchers have discovered a concerning surge in deceptive npm and PyPI packages distributed as part...
2023-09-28T10:41:54+00:00 https://socradar.io/new-campaign-distributes-malicious-npm-and-pypi-packages-to-pilfer-kubernetes-config-ssh-keys/

CVE List - CVE-2023-40026
Argo CD is a declarative continuous deployment framework for Kubernetes.
In Argo CD versions prior to 2.3 (starting at least in v0.1.0, but likely in any version using Helm before 2.3), a specifically crafted Helm file could reference external Helm charts handled by the same repo-server to leak values or files from the referenced Helm chart. This was possible because Helm paths were predictable. The vulnerability worked by adding a Helm chart that referenced Helm resources from predictable paths. Because the paths of Helm charts were predictable and available on an instance of repo-server, it was possible to reference and then render the values and resources of other existing Helm charts regardless of permissions. While secrets are generally not stored in these files, it was nevertheless possible to reference any values from these charts. This issue was fixed in Argo CD 2.3 and subsequent versions by randomizing Helm paths. Users still using Argo CD 2.3 or below are advised to update to a supported version. If this is not possible, disabling Helm chart rendering, or using a separate repo-server for each Helm chart, would prevent exploitation.
2023-09-27T21:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40026

CVE List - CVE-2023-41333
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in other namespaces. By using a crafted `endpointSelector` that uses the `DoesNotExist` operator on the `reserved:init` label, the attacker can create policies that bypass namespace restrictions and affect the entire Cilium cluster, including potentially allowing or denying all traffic. This attack requires API server access, as described in the Kubernetes API Server Attacker section of the Cilium Threat Model. This issue has been resolved in Cilium versions 1.14.2, 1.13.7, and 1.12.14. As a workaround, an admission webhook can be used to prevent the use of `endpointSelectors` that apply the `DoesNotExist` operator to the `reserved:init` label in CiliumNetworkPolicies.
2023-09-27T15:19:30+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-41333

CVE List - CVE-2023-39347
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This arises because, on pod update, Cilium incorrectly uses the user-provided pod labels to select the policies that apply to the workload in question. This can affect Cilium network policies that use the namespace, service account or cluster constructs to restrict traffic, Cilium clusterwide network policies that use Cilium namespace labels to select the Pod, and Kubernetes network policies. Non-existent construct names can be provided, which bypasses all network policies applicable to the construct. For example, giving a pod a non-existent namespace as the value of the `io.kubernetes.pod.namespace` label results in none of the namespaced CiliumNetworkPolicies applying to the pod in question. This attack requires the attacker to have Kubernetes API Server access, as described in the Cilium Threat Model. This issue has been resolved in Cilium versions 1.14.2, 1.13.7, and 1.12.14. Users are advised to upgrade.
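An admission webhook is the workaround both Cilium advisories above give. The block below is an added example written for this page, not Cilium's code, of the decision logic such a webhook would run. It takes the AdmissionReview request objects the API server POSTs to a ValidatingWebhookConfiguration and returns the AdmissionReview response, covering both cases: a CiliumNetworkPolicy whose endpointSelector uses DoesNotExist on the reserved:init label (CVE-2023-41333), and a Pod UPDATE that adds, removes or rewrites the namespace label or any io.cilium.k8s.policy.* label (CVE-2023-39347). The HTTP server, its TLS certificate and the webhook registration are assumed to exist around it; the sample requests at the bottom are constructed, not captured from a cluster.

```python
from typing import Optional

# Label whose DoesNotExist selector let a namespaced policy match the whole cluster (CVE-2023-41333).
RESERVED_INIT = "reserved:init"

# Label keys Cilium derives identity and policy scope from (CVE-2023-39347). The advisory names the
# k8s:-prefixed form; the raw Kubernetes key is blocked as well so the rule also covers kubectl edits.
PROTECTED_LABEL_KEYS = {"k8s:io.kubernetes.pod.namespace", "io.kubernetes.pod.namespace"}
PROTECTED_LABEL_PREFIX = "io.cilium.k8s.policy."


def _selector_hits_reserved_init(selector: dict) -> bool:
    """True if any matchExpressions entry is {key: reserved:init, operator: DoesNotExist}."""
    for expr in selector.get("matchExpressions") or []:
        if expr.get("key") == RESERVED_INIT and expr.get("operator") == "DoesNotExist":
            return True
    return False


def check_cilium_network_policy(obj: dict) -> Optional[str]:
    """Return a rejection reason, or None, for a CiliumNetworkPolicy object.
    Both the single `spec` form and the `specs` list form are inspected."""
    specs = list(obj.get("specs") or [])
    if obj.get("spec"):
        specs.append(obj["spec"])
    for spec in specs:
        if _selector_hits_reserved_init(spec.get("endpointSelector") or {}):
            return "endpointSelector must not use DoesNotExist on label %s" % RESERVED_INIT
    return None


def _is_protected(key: str) -> bool:
    return key in PROTECTED_LABEL_KEYS or key.startswith(PROTECTED_LABEL_PREFIX)


def check_pod_label_update(old_obj: dict, new_obj: dict) -> Optional[str]:
    """Return a rejection reason if a Pod UPDATE adds, removes or rewrites a protected label."""
    old_labels = (old_obj.get("metadata") or {}).get("labels") or {}
    new_labels = (new_obj.get("metadata") or {}).get("labels") or {}
    for key in sorted(set(old_labels) | set(new_labels)):
        if _is_protected(key) and old_labels.get(key) != new_labels.get(key):
            return "label %s is managed by Cilium and must not change on update" % key
    return None


def admit(review: dict) -> dict:
    """Turn one AdmissionReview request into the AdmissionReview response to send back."""
    req = review["request"]
    kind = (req.get("kind") or {}).get("kind")
    obj = req.get("object") or {}
    reason = None
    if kind == "CiliumNetworkPolicy":
        reason = check_cilium_network_policy(obj)
    elif kind == "Pod" and req.get("operation") == "UPDATE":
        reason = check_pod_label_update(req.get("oldObject") or {}, obj)
    response = {"uid": req["uid"], "allowed": reason is None}
    if reason is not None:
        response["status"] = {"code": 403, "message": reason}
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview", "response": response}


def _review(uid: str, kind: str, operation: str, obj: dict, old: Optional[dict] = None) -> dict:
    """Build a constructed AdmissionReview request for the samples below."""
    req = {"uid": uid, "operation": operation, "kind": {"kind": kind}, "object": obj}
    if old is not None:
        req["oldObject"] = old
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview", "request": req}


# Constructed samples (not captured from a cluster).
BAD_POLICY = _review("p1", "CiliumNetworkPolicy", "CREATE", {"spec": {
    "endpointSelector": {"matchExpressions": [{"key": "reserved:init", "operator": "DoesNotExist"}]},
    "ingress": [{"fromEntities": ["all"]}]}})
GOOD_POLICY = _review("p2", "CiliumNetworkPolicy", "CREATE", {"spec": {
    "endpointSelector": {"matchLabels": {"app": "web"}},
    "ingress": [{"fromEndpoints": [{"matchLabels": {"app": "api"}}]}]}})
BAD_POD = _review("u1", "Pod", "UPDATE",
                  {"metadata": {"labels": {"app": "web", "io.kubernetes.pod.namespace": "no-such-ns"}}},
                  old={"metadata": {"labels": {"app": "web"}}})
GOOD_POD = _review("u2", "Pod", "UPDATE",
                   {"metadata": {"labels": {"app": "web", "tier": "frontend"}}},
                   old={"metadata": {"labels": {"app": "web"}}})

if __name__ == "__main__":
    for sample in (BAD_POLICY, GOOD_POLICY, BAD_POD, GOOD_POD):
        print(sample["request"]["uid"], admit(sample)["response"])
```

The webhook only sees what its ValidatingWebhookConfiguration routes to it, so the rules there need to match Pod UPDATE and CiliumNetworkPolicy CREATE and UPDATE, with failurePolicy set to Fail; otherwise an outage of the webhook silently reopens the gap.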
As a workaround, an admission webhook can be used to prevent pod label updates to the `k8s:io.kubernetes.pod.namespace` and `io.cilium.k8s.policy.*` keys.
2023-09-27T15:18:55+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39347

The Hacker News - Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, @am-fe/watermark-core,
2023-09-20T15:43:00+00:00 https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html

Silicon - Kubernetes FinOps: a QoS model to master
2023-09-18T16:48:49+00:00 https://www.silicon.fr/kubernetes-couts-google-cloud-finops-471430.html

CVE List - CVE-2023-0923
A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API.
This flaw can lead to file content exposure and other issues.
2023-09-15T21:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0923

Dark Reading - Kubernetes Admins Warned to Patch Clusters Against New RCE Vulns
All Windows endpoints within a vulnerable Kubernetes cluster are open to command injection attacks, new research finds.
2023-09-13T20:34:00+00:00 https://www.darkreading.com/vulnerabilities-threats/kubernetes-admins-warned-to-patch-clusters-against-new-rce-vulns

The Hacker News - Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the vulnerabilities were released on August
2023-09-13T19:35:00+00:00 https://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html

CVE List - CVE-2023-41423
A cross-site scripting vulnerability in the WP Githuber MD plugin v1.16.2 allows a remote attacker to execute arbitrary code via a crafted payload to the new article function.
2023-09-12T22:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-41423

CVE List - CVE-2023-29332
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
2023-09-12T17:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29332

Data Security Breach - Hack and data leak at Sourcegraph
2023-09-11T13:34:15+00:00 https://www.datasecuritybreach.fr/sourcegraph-hack-leak/

CVE List - CVE-2023-40584
Argo CD is a declarative continuous deployment tool for Kubernetes. All versions of Argo CD starting from v2.4 have a bug where the repo-server component is vulnerable to a denial-of-service attack vector. Specifically, the component extracts a user-controlled tar.gz file without validating the size of its inner files. As a result, a malicious, low-privileged user can send a malicious tar.gz file that exploits this vulnerability to the repo-server, harming the system's functionality and availability. Additionally, the repo-server is susceptible to another vulnerability because it does not check the extracted file permissions before attempting to delete them.
Consequently, an attacker can craft a malicious tar.gz archive in a way that prevents the deletion of its inner files once the manifest generation process has completed. A patch for this vulnerability has been released in versions 2.6.15, 2.7.14, and 2.8.3. Users are advised to upgrade. The only way to completely resolve the issue is to upgrade; users unable to upgrade should configure RBAC (Role-Based Access Control) and grant the ability to configure applications only to a limited number of administrators, who should use trusted and verified Helm charts.
2023-09-07T23:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40584

CVE List - CVE-2023-40029
Argo CD is a declarative continuous deployment tool for Kubernetes. Argo CD cluster secrets may be managed declaratively using Argo CD or `kubectl apply`. As a result, the full secret body is stored in the `kubectl.kubernetes.io/last-applied-configuration` annotation. Pull request #7139 introduced the ability to manage cluster labels and annotations. Since clusters are stored as secrets, it also exposes the `kubectl.kubernetes.io/last-applied-configuration` annotation, which includes the full secret body. To view the cluster annotations via the Argo CD API, the user must have `clusters, get` RBAC access. **Note:** in many cases, cluster secrets do not contain any actually secret information, but sometimes, as with bearer-token auth, the contents can be very sensitive. The bug has been patched in versions 2.8.3, 2.7.14, and 2.6.15. Users are advised to upgrade. Users unable to upgrade should update/deploy the cluster secret with the `server-side-apply` flag, which does not use or rely on the `kubectl.kubernetes.io/last-applied-configuration` annotation.
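To find out whether cluster secrets in an existing install already carry a copy of themselves in that annotation, and to produce the patch that removes it, here is an added example written for this page, not Argo CD tooling. It reads the JSON that `kubectl get secrets -n argocd -o json` prints, keeps the Secrets labelled `argocd.argoproj.io/secret-type: cluster` (the label Argo CD puts on cluster secrets), and reports which data keys the annotation duplicates. The SecretList at the bottom is constructed; the bearer token in it is a placeholder.

```python
import base64
import json
from typing import Dict, List, Optional, Tuple

LAST_APPLIED = "kubectl.kubernetes.io/last-applied-configuration"
# Label Argo CD sets on the Secrets that hold cluster credentials.
ARGOCD_CLUSTER_SELECTOR = {"argocd.argoproj.io/secret-type": "cluster"}


def leaked_keys(secret: dict) -> List[str]:
    """Keys of data/stringData that the last-applied annotation carries a second copy of."""
    annotations = (secret.get("metadata") or {}).get("annotations") or {}
    raw = annotations.get(LAST_APPLIED)
    if not raw:
        return []
    try:
        applied = json.loads(raw)
    except ValueError:
        return []  # not JSON, so not something kubectl wrote
    keys = []
    for field in ("data", "stringData"):
        keys.extend(sorted((applied.get(field) or {}).keys()))
    return keys


def audit(secret_list: dict,
          selector: Optional[Dict[str, str]] = ARGOCD_CLUSTER_SELECTOR) -> List[Tuple[str, str, List[str]]]:
    """Walk a v1 SecretList and return (namespace, name, leaked keys) for each affected Secret.
    Pass selector=None to scan every Secret regardless of labels."""
    findings = []
    for item in secret_list.get("items") or []:
        meta = item.get("metadata") or {}
        labels = meta.get("labels") or {}
        if selector and any(labels.get(k) != v for k, v in selector.items()):
            continue
        keys = leaked_keys(item)
        if keys:
            findings.append((meta.get("namespace"), meta.get("name"), keys))
    return findings


def removal_patch() -> str:
    """JSON merge patch that deletes the annotation: a null value removes the key."""
    return json.dumps({"metadata": {"annotations": {LAST_APPLIED: None}}})


def _last_applied(body: dict) -> str:
    """What client-side `kubectl apply` stores: the whole applied object as compact JSON."""
    return json.dumps(body, separators=(",", ":"))


def _b64(s: str) -> str:
    return base64.b64encode(s.encode()).decode()


# Constructed sample: cluster-prod was created with client-side apply (annotation present),
# cluster-staging with server-side apply (no annotation), plus an unrelated Secret elsewhere.
_PROD_APPLIED = {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
                 "metadata": {"name": "cluster-prod", "namespace": "argocd",
                              "labels": dict(ARGOCD_CLUSTER_SELECTOR)},
                 "stringData": {"name": "prod", "server": "https://10.0.0.1:6443",
                                "config": '{"bearerToken":"PLACEHOLDER-NOT-A-REAL-TOKEN"}'}}
SAMPLE_SECRET_LIST = {"apiVersion": "v1", "kind": "SecretList", "items": [
    {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
     "metadata": {"name": "cluster-prod", "namespace": "argocd",
                  "labels": dict(ARGOCD_CLUSTER_SELECTOR),
                  "annotations": {LAST_APPLIED: _last_applied(_PROD_APPLIED)}},
     "data": {k: _b64(v) for k, v in _PROD_APPLIED["stringData"].items()}},
    {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
     "metadata": {"name": "cluster-staging", "namespace": "argocd",
                  "labels": dict(ARGOCD_CLUSTER_SELECTOR)},
     "data": {"name": _b64("staging"), "server": _b64("https://10.0.0.2:6443"), "config": _b64("{}")}},
    {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
     "metadata": {"name": "unrelated", "namespace": "default",
                  "annotations": {LAST_APPLIED: _last_applied({"data": {"password": "eA=="}})}},
     "data": {"password": "eA=="}},
]}

if __name__ == "__main__":
    for ns, name, keys in audit(SAMPLE_SECRET_LIST):
        print("%s/%s duplicates %s in %s" % (ns, name, ", ".join(keys), LAST_APPLIED))
    print("kubectl patch secret NAME -n NS --type merge -p '%s'" % removal_patch())
```

The patch only strips the annotation; re-applying the same manifest client-side puts it straight back, which is why the advisory points at server-side apply for the ongoing fix.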
Note: the annotation on existing secrets will require manual removal.
2023-09-07T23:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40029

Vuln GCP - GCP-2023-026
Published: 2023-09-06. Severity: High. CVE-2023-3676, CVE-2023-3955, CVE-2023-3893.
Three vulnerabilities (CVE-2023-3676, CVE-2023-3955, CVE-2023-3893) have been discovered in Kubernetes where a user who can create Pods on Windows nodes may be able to escalate to admin privileges on those nodes. These vulnerabilities affect the Windows versions of Kubelet and the Kubernetes CSI proxy. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin.
2023-09-06T17:35:09+00:00 https://cloud.google.com/support/bulletins/index#gcp-2023-026
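Back to the CVE-2023-40584 entry above: both halves of it, inner files extracted without a size check and modes not fixed before cleanup, are avoidable in a few lines. The following is an added example written for this page, not Argo CD's extraction code. It extracts an untrusted tar.gz with per-member and total size caps taken from the headers before any bytes are written, refuses anything but regular files and directories and anything that resolves outside the destination, forces sane modes on the way out, and cleans up with a routine that makes every directory writable before removing it. The caps and the in-memory archives it builds for itself are assumptions.

```python
import io
import os
import shutil
import tarfile
import tempfile
from typing import Dict, List

MAX_FILE_BYTES = 1 * 1024 * 1024    # per-member cap (assumed)
MAX_TOTAL_BYTES = 4 * 1024 * 1024   # cap on the sum of member sizes (assumed)
MAX_MEMBERS = 1000


class UnsafeArchive(Exception):
    """Raised for any member that should stop extraction outright."""


def safe_extract(archive: bytes, dest: str) -> List[str]:
    """Extract only regular files and directories from a gzip tar into dest.
    Sizes come from the headers before anything is written; modes are forced to
    0644/0755 so nothing extracted can later resist deletion."""
    dest = os.path.realpath(dest)
    written, total = [], 0
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        for count, member in enumerate(tar, 1):
            if count > MAX_MEMBERS:
                raise UnsafeArchive("too many members")
            target = os.path.realpath(os.path.join(dest, member.name))
            if os.path.commonpath([dest, target]) != dest:
                raise UnsafeArchive("path escapes destination: %s" % member.name)
            if member.isdir():
                os.makedirs(target, exist_ok=True)
                os.chmod(target, 0o755)
                continue
            if not member.isfile():  # symlinks, hard links, devices, fifos
                raise UnsafeArchive("unsupported member type: %s" % member.name)
            if member.size > MAX_FILE_BYTES:
                raise UnsafeArchive("member too large: %s" % member.name)
            total += member.size
            if total > MAX_TOTAL_BYTES:
                raise UnsafeArchive("archive too large")
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as out:
                shutil.copyfileobj(src, out)  # extractfile stops at member.size
            os.chmod(target, 0o644)
            written.append(member.name)
    return written


def remove_tree(path: str) -> None:
    """rm -rf that first makes every directory traversable and writable, so a
    member that arrived with mode 000 cannot block cleanup."""
    os.chmod(path, 0o700)
    for root, dirs, _files in os.walk(path):
        for d in dirs:
            p = os.path.join(root, d)
            if not os.path.islink(p):
                os.chmod(p, 0o700)
    shutil.rmtree(path)


def build_tgz(files: Dict[str, bytes], mode: int = 0o644) -> bytes:
    """Constructed test input: an in-memory tar.gz from {name: content}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            info.mode = mode
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def run_demo() -> dict:
    """Exercise a benign chart, an oversize member and a traversal attempt in scratch dirs."""
    result = {}
    dest = tempfile.mkdtemp(prefix="chart-")
    good = build_tgz({"chart/Chart.yaml": b"name: demo\n", "chart/values.yaml": b"replicas: 1\n"}, mode=0o000)
    result["extracted"] = sorted(safe_extract(good, dest))
    result["values_mode"] = os.stat(os.path.join(dest, "chart", "values.yaml")).st_mode & 0o777
    remove_tree(dest)
    result["cleaned"] = not os.path.exists(dest)
    for label, bad in (("oversize", build_tgz({"big.bin": b"\0" * (MAX_FILE_BYTES + 1)})),
                       ("traversal", build_tgz({"../escape.txt": b"x"}))):
        scratch = tempfile.mkdtemp(prefix="chart-")
        try:
            safe_extract(bad, scratch)
            result[label] = "accepted"
        except UnsafeArchive as exc:
            result[label] = "rejected: %s" % exc
        finally:
            remove_tree(scratch)
    return result


if __name__ == "__main__":
    for key, value in run_demo().items():
        print("%-12s %s" % (key, value))
```

The size check reads `member.size` from the tar header rather than measuring after the fact, so an oversized member is refused before it costs any disk; the total cap is what stops many small members from adding up to the same effect.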
The Intercept - Top Biden Cyber Official Accused of Workplace Misconduct at NSA in 2014 - and Again at White House Last Year
A previously unreported NSA inspector general report about Anne Neuberger reveals disarray and dysfunction at the top of the cybersecurity hierarchy.
2023-09-06T15:23:43+00:00 https://theintercept.com/2023/09/06/anne-neuberger-nsa-cybersecurity/
The Hacker News - Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks
Two U.K. teenagers have been convicted by a jury in London for being part of the notorious LAPSUS$ transnational gang and for orchestrating a series of brazen, high-profile hacks against major tech firms and demanding a ransom in exchange for not leaking the stolen information. This includes Arion Kurtaj (aka White, Breachbase, WhiteDoxbin, and TeaPotUberHacker), an 18-year-old from Oxford, and
2023-08-25T19:22:00+00:00 https://thehackernews.com/2023/08/two-lapsus-hackers-convicted-in-london.html

CVE List - CVE-2023-40025
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting from version 2.6.0 have a bug where open web terminal sessions do not expire. This allows users to keep sending websocket messages even after their token has expired. The most straightforward scenario is a user who opens the terminal view and leaves it open for an extended period: they can keep viewing sensitive information when they should already have been logged out. A patch for this vulnerability has been released in Argo CD versions 2.6.14, 2.7.12 and 2.8.1.
2023-08-23T20:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40025

Vuln AWS - Kubernetes Security Issues (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955)
Publication Date: 2023/08/23 10:00 AM PDT. AWS is aware of three security issues (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) in Kubernetes that affect Amazon EKS customers with Windows EC2 nodes in their clusters. These issues do not affect the Kubernetes control plane or the service itself, nor do they permit cross-customer impact. Updated Amazon EKS Windows AMIs are now available for Kubernetes versions 1.23 through 1.27 that include patched builds of kubelet and csi-proxy. We recommend that EKS customers update their configurations to launch new worker nodes from the latest AMI version. Customers using managed node groups can refer to the EKS documentation for instructions on upgrading their node groups. Customers self-managing worker nodes should replace existing instances with the new AMI version by referring to the EKS documentation. If you have questions or concerns about these updates, please reach out to AWS Support. Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.
2023-08-23T16:59:19+00:00 https://aws.amazon.com/security/security-bulletins/AWS-2023-008/
Recorded Future - British court convicts two teen Lapsus$ members of hacking tech firms
A court in London on Wednesday found two teenagers guilty of participating in a hacking spree that involved breaking into the computer networks of Uber, Revolut, and video game developer Rockstar Games. Arion Kurtaj, 18, was described as a key member of the Lapsus$ group who was acting independently when he broke into the systems
2023-08-23T13:16:00+00:00 https://therecord.media/lapsus$-hackers-convinctions-teens-uk-court
AlienVault Lab Blog - Why is API security the next big thing in Cybersecurity?
The State of API Security Q1 Report 2023 survey concluded that attacks targeting APIs had increased 400% during the preceding six months. Security vulnerabilities within APIs compromise critical systems, resulting in unauthorized access and data breaches such as the Twitter and Optus API breaches. Cybercriminals can exploit these vulnerabilities to launch attacks such as authentication attacks, distributed denial-of-service (DDoS) attacks, and malware attacks. API security has emerged as a significant business issue: another report predicts that by 2023 API abuses will be the most frequent attack vector causing data breaches, and that 50% of data theft incidents will happen due to insecure APIs. As a result, API security has become a top priority for organizations seeking to safeguard their data; the problem may cost businesses $75 billion annually.
Why does API security still pose a threat in 2023?
Securing APIs has always been a daunting task for most organizations, mainly because of misconfigurations within APIs and the rise in cloud data breaches. As the security landscape evolved, API sprawl became the main reason API security is under threat. API sprawl is the uncontrolled proliferation of APIs across an organization and is a common problem for enterprises with multiple applications, services, and development teams. As more APIs are created, they expand the attack surface and become an attractive target for hackers. The issue is that APIs are not always designed with security standards in mind. This leads to missing authorization and authentication, exposing sensitive data such as personally identifiable information (PII) or other business data.
API sprawl
2023-08-15T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/why-is-api-security-the-next-big-thing-in-cybersecurity

Recorded Future - Regulators fear Russia could access Yandex taxi data from Europe, Central Asia
News that the Russian security service could potentially gain access to data collected by the Yandex taxi service has raised alarms among users and regulators in Europe and Central Asia. Often referred to as "Russia's Google," Yandex runs the biggest search engine in the country and also provides an Uber-like ride-hailing and food-delivery service under
2023-08-09T17:30:00+00:00 https://therecord.media/regulators-fear-yandex-data-transfers
The Hacker News - Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining
Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller subset tied to bigger companies, spanning the financial, aerospace, automotive, industrial, and security sectors
2023-08-09T14:35:00+00:00 https://thehackernews.com/2023/08/malicious-campaigns-exploit-weak.html

Global Security Mag - VMware Carbon Black launches Cloud Native Detection and Response (CNDR)
Products
2023-08-02T20:24:06+00:00 https://www.globalsecuritymag.fr/VMware-Carbon-Black-lance-Cloud-Native-Detection-and-Response-CNDR.html

CyberScoop - Deputy National Security Advisor Anne Neuberger on addressing the security threats of AI
The deputy national security adviser for cyber and emerging technologies discusses how to mitigate AI's disinformation threat.
2023-08-02T13:57:28+00:00 https://cyberscoop.com/neuberger-security-artificial-intelligence/
[Recorded Future] Vulnerabilities could expose Ubuntu users to privilege escalation attacks
Researchers have discovered two vulnerabilities in Ubuntu Linux with the potential to grant attackers escalated privileges. Both bugs affect OverlayFS, a widely installed Linux filesystem used for containerization on cloud servers with technologies like Docker and Kubernetes. After being notified of the vulnerabilities by researchers with the cloud security firm Wiz
2023-07-27T17:05:00+00:00 | https://therecord.media/ubuntu-linux-overlayfs-vulnerabilities | www.secnews.physaphae.fr/article.php?IdArticle=8362345 | Tags: Vulnerability, Cloud, Uber
[Dark Reading] Kubernetes and the Software Supply Chain
Trusted content is paramount in securing the supply chain.
2023-07-26T14:00:00+00:00 | https://www.darkreading.com/cloud/kubernetes-software-supply-chain | www.secnews.physaphae.fr/article.php?IdArticle=8361728 | Tags: Uber

[CVE List] CVE-2023-37917
KubePi is an open-source Kubernetes management panel. A normal user who has permission to create or update users can become an administrator by editing the `isadmin` value in the request. As a result, any such user may take administrative control of KubePi. This issue has been addressed in version 1.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-07-21T21:15:11+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37917 | www.secnews.physaphae.fr/article.php?IdArticle=8359915 | Tags: Uber

[CVE List] CVE-2023-37916
KubePi is an open-source Kubernetes management panel. The endpoint /kubepi/api/v1/users/search?pageNum=1&&pageSize=10 leaks the password hash of any user, including admin. A sufficiently motivated attacker may be able to crack the leaked password hashes. This issue has been addressed in version 1.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-07-21T21:15:11+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37916 | www.secnews.physaphae.fr/article.php?IdArticle=8359914 | Tags: Uber

[The Hacker News] TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign
As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag said in a
2023-07-13T21:25:00+00:00 | https://thehackernews.com/2023/07/teamtnts-silentbob-botnet-infecting-196.html | www.secnews.physaphae.fr/article.php?IdArticle=8356091 | Tags: Cloud, Uber

[Recorded Future] British prosecutors say teen Lapsus$ member was behind hacks on Uber, Rockstar
A British Crown Court on Tuesday lifted a reporting restriction, allowing the naming of teenager Arion Kurtaj, who is accused of hacking Uber, Revolut, and video game developer Rockstar Games in a short period of time last September. Kurtaj, now 18, has been deemed not fit to stand trial by medical professionals. The jury will
2023-07-11T19:19:00+00:00 | https://therecord.media/british-prosecutors-accuse-teen-lapsus-member-of-uber-revolut-rockstar-hacks | www.secnews.physaphae.fr/article.php?IdArticle=8354615 | Tags: Medical, Uber
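The two KubePi advisories above (CVE-2023-37917 and CVE-2023-37916) describe the same pair of mistakes found in many admin panels: trusting the whole request body on an update endpoint, and serialising stored records verbatim on a read endpoint. The following is an added example, not KubePi's code, with a constructed user table, field names and permission model; it puts the vulnerable handlers beside hardened ones so the difference is visible in a few lines.

```python
# Added example, not KubePi's own code: a minimal user-management API modelled on
# CVE-2023-37917 (mass assignment of `isadmin`) and CVE-2023-37916 (password hashes
# returned by the user search endpoint). Field names, the permission model and the
# sample users are constructed for this example.
import hashlib
import os


def hash_password(password, salt=None):
    """PBKDF2-HMAC-SHA256 with a random salt, stored as hex(salt)$hex(dk)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt.hex() + "$" + dk.hex()


def make_users():
    """Fresh copy of the user table so each scenario starts from the same state."""
    return {
        "alice": {"name": "alice", "email": "alice@example.test", "isadmin": True,
                  "password_hash": hash_password("correct horse")},
        "bob": {"name": "bob", "email": "bob@example.test", "isadmin": False,
                "password_hash": hash_password("hunter2")},
    }


class Forbidden(Exception):
    pass


# --- vulnerable handlers: the caller only needs the "update users" permission ----
def update_user_vulnerable(users, caller, target, body):
    """Applies the request body wholesale, so {"isadmin": true} is honoured for anyone."""
    users[target].update(body)
    return users[target]


def search_users_vulnerable(users, caller):
    """Returns stored records verbatim: every user's password_hash leaks, admin included."""
    return [dict(u) for u in users.values()]


# --- hardened handlers ---------------------------------------------------------
USER_WRITABLE = {"email"}                     # fields any user-manager may set
ADMIN_ONLY = {"isadmin"}                      # privilege bits only an admin may change
PUBLIC_VIEW = ("name", "email", "isadmin")    # explicit projection for API responses


def project(user):
    return {k: user[k] for k in PUBLIC_VIEW}


def update_user_hardened(users, caller, target, body):
    """Allow-list writable fields and bind privilege changes to the caller's own role."""
    caller_is_admin = users[caller]["isadmin"]
    for field in body:
        if field in USER_WRITABLE:
            continue
        if field in ADMIN_ONLY and caller_is_admin:
            continue
        # Unknown or privileged field from a non-admin: reject the whole request,
        # never silently drop the field (silent drops hide probing in the logs)
        raise Forbidden(f"{caller!r} may not set {field!r} on {target!r}")
    users[target].update(body)
    return project(users[target])


def search_users_hardened(users, caller):
    """Serialise through the projection so password_hash can never reach the wire."""
    return [project(u) for u in users.values()]
```

The hardened update makes the privilege check depend on the caller's stored role, not on anything in the request, and the projection is the only path from a stored record to a response, so adding a new sensitive column later cannot leak it by accident.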
[CVE List] CVE-2023-36375
Cross-site scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.
2023-07-10T17:15:09+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36375 | www.secnews.physaphae.fr/article.php?IdArticle=8354181 | Tags: Vulnerability, Uber

[CVE List] CVE-2023-36376
Cross-site scripting (XSS) vulnerability in Hostel Management System v2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.
2023-07-10T16:15:53+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36376 | www.secnews.physaphae.fr/article.php?IdArticle=8354182 | Tags: Vulnerability, Uber

[CVE List] CVE-2023-2728
Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account's secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.
2023-07-03T21:15:09+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2728 | www.secnews.physaphae.fr/article.php?IdArticle=8351928 | Tags: Uber

[CVE List] CVE-2023-2727
Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
2023-07-03T21:15:09+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2727 | www.secnews.physaphae.fr/article.php?IdArticle=8351927 | Tags: Uber

[CVE List] CVE-2023-33190
Sealos is an open-source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.0, an improper configuration of role-based access control (RBAC) permissions allowed an attacker to obtain cluster control permissions, with which they could control the entire cluster deployed with Sealos as well as hundreds of pods and other resources within it. This issue has been addressed in version 4.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2023-06-29T19:15:08+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-33190 | www.secnews.physaphae.fr/article.php?IdArticle=8350773 | Tags: Cloud, Uber

[CVE List] CVE-2023-34647
PHPgurukl Hostel Management System v1.0 is vulnerable to cross-site scripting (XSS).
2023-06-28T22:15:09+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34647 | www.secnews.physaphae.fr/article.php?IdArticle=8350440 | Tags: Uber

[CVE List] CVE-2023-34652
PHPgurukl Hostel Management System v1.0 is vulnerable to cross-site scripting (XSS) via Add New Course.
2023-06-28T21:15:10+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34652 | www.secnews.physaphae.fr/article.php?IdArticle=8350412 | Tags: Uber

[GCP Security Bulletins] GCP-2023-018
2023-06-27T14:55:00+00:00 | https://cloud.google.com/support/bulletins/index#gcp-2023-018 | www.secnews.physaphae.fr/article.php?IdArticle=8349769 | Tags: Vulnerability, Uber

[Global Security Mag] Blackfog Comment: American and Southwest Airlines disclose data breaches (category: Malware Update)
American and Southwest Airlines have disclosed data breaches, again. This comes after attacks in 2021 and 2022. Dr Darren Williams, CEO and Founder of Blackfog, feels that "Major travel brands continue to fall victim to data exfiltration, leading to inevitable extortion by cyber gangs. This comes on the back of last year's attacks on Uber, InterContinental Hotels and Marriott International."
2023-06-27T11:18:09+00:00 | https://www.globalsecuritymag.fr/Blackfog-Comment-American-and-Southwest-Airlines-disclose-data-breaches.html | www.secnews.physaphae.fr/article.php?IdArticle=8349694 | Tags: Uber
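CVE-2023-2728 and CVE-2023-2727 above share one root cause: an admission check that walks `containers` and `initContainers` but not `ephemeralContainers`, so a container added later through the ephemeralcontainers subresource (what `kubectl debug` does) is never examined. The following is an added example, not the Kubernetes admission code, that models both checks as functions over pod and ServiceAccount documents; the pod, ServiceAccount, secret names and registry allow-list are constructed, and `images_outside_policy` is a stand-in for whatever an ImagePolicyWebhook backend would decide.

```python
# Added example, not Kubernetes' admission code: the checks behind CVE-2023-2728 and
# CVE-2023-2727, modelled as functions over pod and ServiceAccount documents. The
# vulnerable variants (include_ephemeral=False) walk only `containers` and
# `initContainers`; the fixed variants also walk `ephemeralContainers`.
# The pod, ServiceAccount and image allow-list below are constructed for this example.


def _container_secret_refs(container):
    """Secret names a single container pulls in through env and envFrom."""
    names = set()
    for env in container.get("env", []):
        ref = env.get("valueFrom", {}).get("secretKeyRef")
        if ref:
            names.add(ref["name"])
    for src in container.get("envFrom", []):
        ref = src.get("secretRef")
        if ref:
            names.add(ref["name"])
    return names


def _container_lists(spec, include_ephemeral):
    keys = ["containers", "initContainers"]
    if include_ephemeral:
        keys.append("ephemeralContainers")
    return [c for key in keys for c in spec.get(key, [])]


def secrets_referenced(spec, include_ephemeral):
    """Every Secret the pod references: volumes (pod-level) plus per-container env."""
    names = {v["secret"]["secretName"] for v in spec.get("volumes", []) if "secret" in v}
    for c in _container_lists(spec, include_ephemeral):
        names |= _container_secret_refs(c)
    return names


def enforce_mountable_secrets(pod, sa, include_ephemeral):
    """Secrets the pod uses that the ServiceAccount's `secrets` field does not list.
    An empty list means admission would let the pod (or the ephemeral-container update) through."""
    annotations = sa.get("metadata", {}).get("annotations", {})
    if annotations.get("kubernetes.io/enforce-mountable-secrets") != "true":
        return []
    allowed = {s["name"] for s in sa.get("secrets", [])}
    return sorted(secrets_referenced(pod["spec"], include_ephemeral) - allowed)


def images_outside_policy(pod, allowed_registries, include_ephemeral):
    """Stand-in for an ImagePolicyWebhook that only admits images from listed registries."""
    bad = []
    for c in _container_lists(pod["spec"], include_ephemeral):
        if not any(c["image"].startswith(prefix) for prefix in allowed_registries):
            bad.append(c["image"])
    return bad


# Constructed sample: the SA only authorises `app-config`; the debug container
# pulls a different secret into its environment and runs an image from Docker Hub.
SERVICE_ACCOUNT = {
    "metadata": {"name": "app",
                 "annotations": {"kubernetes.io/enforce-mountable-secrets": "true"}},
    "secrets": [{"name": "app-config"}],
}
POD = {"spec": {
    "serviceAccountName": "app",
    "containers": [{"name": "app", "image": "registry.internal/app:1.4",
                    "envFrom": [{"secretRef": {"name": "app-config"}}]}],
    "ephemeralContainers": [{"name": "debugger", "image": "docker.io/library/busybox:latest",
                             "env": [{"name": "TOKEN", "valueFrom": {
                                 "secretKeyRef": {"name": "deploy-token", "key": "token"}}}]}],
}}
ALLOWED_REGISTRIES = ["registry.internal/"]
```

Volumes are pod-level, so an ephemeral container cannot add a new Secret volume; the bypass surface is env and envFrom, which is why the per-container walk is where the omission matters. Note that the fixed check also has to run on the ephemeralcontainers update, not only on pod creation: the debug container is usually added to a pod that was admitted long before.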
[GCP Security Bulletins] GCP-2023-017
2023-06-26T18:49:48+00:00 | https://cloud.google.com/support/bulletins/index#gcp-2023-017 | www.secnews.physaphae.fr/article.php?IdArticle=8349433 | Tags: Vulnerability, Uber

[CVE List] CVE-2023-35165
AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. In the packages `aws-cdk-lib` 2.0.0 until 2.80.0 and `@aws-cdk/aws-eks` 1.57.0 until 1.202.0, the `eks.Cluster` and `eks.FargateCluster` constructs create two roles, `CreationRole` and `default MastersRole`, that have an overly permissive trust policy. The first, referred to as the `CreationRole`, is used by Lambda handlers to create the cluster and deploy Kubernetes resources (e.g. `KubernetesManifest`, `HelmChart`, ...) onto it. Users with CDK version 1.62.0 or higher (including v2 users) may be affected. The second, referred to as the `default MastersRole`, is provisioned only if the `mastersRole` property isn't provided and has permissions to execute `kubectl` commands on the cluster. Users with CDK version 1.57.0 or higher (including v2 users) may be affected. The issue has been fixed in `@aws-cdk/aws-eks` v1.202.0 and `aws-cdk-lib` v2.80.0. These versions no longer use the account root principal; instead, they restrict the trust policy to the specific roles of the Lambda handlers that need it. There is no workaround available for `CreationRole`. To avoid creating the `default MastersRole`, use the `mastersRole` property to explicitly provide a role.
2023-06-23T21:15:09+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35165 | www.secnews.physaphae.fr/article.php?IdArticle=8348768 | Tags: Cloud, Uber

[Recorded Future] Neuberger: Ukraine experiencing a 'surge' in cyberattacks as it executes counteroffensive
Moscow has ramped up its digital assault on Ukraine as a result of Kyiv's long-awaited counteroffensive to retake Russian-occupied territory, according to a senior White House official. "We know Ukraine is currently experiencing a significant surge in cyberattacks in parallel to the kinetic aspects," White House Deputy National Security Adviser Anne Neuberger said Thursday at
2023-06-22T14:42:00+00:00 | https://therecord.media/neuberger-white-house-ukraine-seeing-surge-in-cyberattacks-russia | www.secnews.physaphae.fr/article.php?IdArticle=8348088 | Tags: Uber
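The CDK advisory above (CVE-2023-35165) turns on one line of an IAM trust policy: a `Principal` of the account root ARN means any identity in the account that is itself allowed to call `sts:AssumeRole` on the role can assume it, including the kubectl-capable `default MastersRole`. The following is an added example, not AWS CDK's code: the two policy shapes are reconstructed from the advisory text (the exact documents CDK emitted are not on this page), the account ID and handler role names are constructed, and the checker flags any allow-assume statement whose principal is the root ARN, a bare account ID (which IAM treats as the account root) or a wildcard.

```python
# Added example, not AWS CDK's own code: trust-policy shapes reconstructed from the
# CVE-2023-35165 text plus a checker that flags the permissive one. The account ID
# and role names are constructed for this example.
import json

ACCOUNT = "111122223333"

# Assumed shape of the pre-fix trust policy: the account root principal.
PERMISSIVE_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT}:root"},
        "Action": "sts:AssumeRole",
    }],
})

# Assumed shape of the fixed policy: only the handler roles that need the cluster role.
RESTRICTED_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": [
            f"arn:aws:iam::{ACCOUNT}:role/ClusterResourceProviderHandlerRole",
            f"arn:aws:iam::{ACCOUNT}:role/KubectlProviderHandlerRole",
        ]},
        "Action": "sts:AssumeRole",
    }],
})

# A bare account ID as principal is equivalent to the root ARN; included as a third sample.
BARE_ACCOUNT_TRUST_POLICY = json.dumps({
    "Statement": {"Effect": "Allow", "Principal": {"AWS": ACCOUNT},
                  "Action": ["sts:AssumeRole", "sts:TagSession"]},
})


def _as_list(value):
    """IAM allows scalars or lists for Statement, Action and Principal.AWS."""
    return value if isinstance(value, list) else [value]


def _is_root_like(principal):
    """Account root ARN, a bare account ID (IAM treats it as root) or a wildcard."""
    return principal == "*" or principal.endswith(":root") or principal.isdigit()


def overly_permissive_principals(trust_policy_json):
    """Principals allowed to assume the role that are broader than a named role or user."""
    doc = json.loads(trust_policy_json)
    findings = []
    for statement in _as_list(doc.get("Statement", [])):
        if statement.get("Effect") != "Allow":
            continue
        actions = {a.lower() for a in _as_list(statement.get("Action", []))}
        if not actions & {"sts:assumerole", "sts:*", "*"}:
            continue
        principal = statement.get("Principal", {})
        if principal == "*":
            findings.append("*")
            continue
        for arn in _as_list(principal.get("AWS", [])):
            if _is_root_like(arn):
                findings.append(arn)
    return findings
```

To audit a deployed stack, feed it the output of `aws iam get-role --role-name <name> --query Role.AssumeRolePolicyDocument` for each role the `eks.Cluster` construct created; a finding on the masters role means the blast radius of any compromised principal in the account includes `kubectl` on the cluster. The checker ignores `Condition` blocks, so a root principal narrowed by a condition is still reported and needs a human look.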
[Google Security Blog] Google Cloud Awards $313,337 in 2022 VRP Prizes
Google Cloud products, which in turn helps improve security for our users, customers, and the Internet at large. We first announced the Google Cloud VRP Prize in 2019 to encourage security researchers to focus on the security of Google Cloud and to incentivize sharing knowledge on Cloud vulnerability research with the world. This year, we were excited to see an increase in collaboration between researchers, which often led to more detailed and complex vulnerability reports. After careful evaluation of the submissions, today we are excited to announce the winners of the 2022 Google Cloud VRP Prize. 2022 Google Cloud VRP Prize Winners: 1st Prize, $133,337: Yuval Avrahami for the report and write-up "Privilege escalations in GKE Autopilot". Yuval's excellent write-up describes several attack paths that would allow an attacker with permission to create pods in an Autopilot cluster to escalate privileges and compromise the underlying node VMs. While thes
2023-06-22T12:05:42+00:00 | http://security.googleblog.com/2023/06/google-cloud-awards-313337-in-2022-vrp.html | www.secnews.physaphae.fr/article.php?IdArticle=8348159 | Tags: Vulnerability, Cloud, Uber

[CVE List] CVE-2023-34242
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of secrets (including certificates) and services across namespaces. An attacker on an affected cluster can leverage this issue to use cluster secrets that should not be visible to them, or communicate with services that they should not have access to. Gateway API functionality is disabled by default. This vulnerability is fixed in Cilium release 1.13.4. As a workaround, restrict the creation of `ReferenceGrant` resources to admin users by using Kubernetes RBAC.
2023-06-15T20:15:09+00:00 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34242 | www.secnews.physaphae.fr/article.php?IdArticle=8345959 | Tags: Vulnerability, Uber

[GCP Security Bulletins] GCP-2023-014
2023-06-15T19:06:42+00:00 | https://cloud.google.com/support/bulletins/index#gcp-2023-014 | www.secnews.physaphae.fr/article.php?IdArticle=8345868 | Tags: Uber

[Google Security Blog] Learnings from kCTF VRP's 42 Linux kernel exploit submissions
2020, we integrated kCTF into Google's Vulnerability Rewards Program (VRP) to support researchers evaluating the security of Google Kubernetes Engine (GKE) and the underlying Linux kernel. As the Linux kernel is a key component not just for Google, but for the Internet, we started heavily investing in this area. We extended the VRP's scope and maximum reward in 2021 (to $50k), then again in February 2022 (to $91k), and finally in August 2022 (to $133k). In 2022, we also summarized our learnings to date in our cookbook, and introduced our experimental mitigations for the most common exploitation techniques. In this post, we'd like to share our learnings and statistics about the latest Linux kernel exploit submissions, how effective our
2023-06-14T11:59:49+00:00 | http://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html | www.secnews.physaphae.fr/article.php?IdArticle=8345378 | Tags: Vulnerability, Uber
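The Cilium advisory above (CVE-2023-34242) is easier to reason about once the ReferenceGrant model is written down. In Gateway API a ReferenceGrant authorises references into the namespace it is created in: `spec.from` names the referring kind and namespace, `spec.to` the referent kind (optionally a name), and the referent namespace is implicitly the grant's own. An implementation that matches `from` and `to` but never compares the grant's namespace with the referent's namespace will accept a grant the attacker created in a namespace they control as authorisation for a Secret in any other namespace. The following is an added example, not Cilium's code: the resolver is written from the Gateway API semantics just described, and the namespaces, object names and grants are constructed.

```python
# Added example, not Cilium's code: a ReferenceGrant resolver over Gateway API objects,
# with the namespace comparison that CVE-2023-34242 concerns made switchable so the
# vulnerable and fixed behaviour can be compared. Namespaces, names and grants are
# constructed for this example.

GATEWAY_GROUP = "gateway.networking.k8s.io"
CORE_GROUP = ""   # core API group for Secret and Service


def reference_allowed(grants, referrer, referent, check_grant_namespace=True):
    """referrer = (group, kind, namespace); referent = (group, kind, namespace, name)."""
    from_group, from_kind, from_ns = referrer
    to_group, to_kind, to_ns, to_name = referent
    if from_ns == to_ns:
        return True                         # same-namespace references need no grant
    for grant in grants:
        if check_grant_namespace and grant["metadata"]["namespace"] != to_ns:
            continue                        # a grant only speaks for the namespace it lives in
        from_ok = any(f["group"] == from_group and f["kind"] == from_kind
                      and f["namespace"] == from_ns for f in grant["spec"]["from"])
        to_ok = any(t["group"] == to_group and t["kind"] == to_kind
                    and t.get("name") in (None, to_name) for t in grant["spec"]["to"])
        if from_ok and to_ok:
            return True
    return False


# Constructed cluster state: a legitimate grant in `prod` for the `edge` Gateway, and a
# grant a low-privileged user created in `attacker` that mirrors it for their own Gateway.
GRANTS = [
    {"metadata": {"name": "allow-edge-gateway", "namespace": "prod"},
     "spec": {"from": [{"group": GATEWAY_GROUP, "kind": "Gateway", "namespace": "edge"}],
              "to": [{"group": CORE_GROUP, "kind": "Secret", "name": "prod-tls"}]}},
    {"metadata": {"name": "self-grant", "namespace": "attacker"},
     "spec": {"from": [{"group": GATEWAY_GROUP, "kind": "Gateway", "namespace": "attacker"}],
              "to": [{"group": CORE_GROUP, "kind": "Secret"}]}},
]

EDGE_GATEWAY = (GATEWAY_GROUP, "Gateway", "edge")
ATTACKER_GATEWAY = (GATEWAY_GROUP, "Gateway", "attacker")
PROD_TLS_SECRET = (CORE_GROUP, "Secret", "prod", "prod-tls")
```

With `check_grant_namespace=True` the attacker's `self-grant` is ignored when resolving a reference into `prod`, because it was not created there; with the check off it matches and the Gateway in `attacker` gets the `prod-tls` certificate. The advisory's workaround attacks the same step from the RBAC side: if only cluster admins can create ReferenceGrant objects, the `self-grant` above can never exist in the first place, which is why it is a complete stopgap until 1.13.4 is rolled out.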