www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-20T12:54:03+00:00 www.secnews.physaphae.fr Security Affairs - Blog Secu Prometheus endpoint unprotected installs could expose sensitive data 2021-10-18T18:15:07+00:00 https://securityaffairs.co/wordpress/123529/hacking/prometheus-endpoint-data-leak.html?utm_source=rss&utm_medium=rss&utm_campaign=prometheus-endpoint-data-leak www.secnews.physaphae.fr/article.php?IdArticle=3528344 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-41137 2021-10-13T14:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41137 www.secnews.physaphae.fr/article.php?IdArticle=3510255 False Vulnerability Uber None Palo Alto Network - Site Constructeur Demystifying Container Security 2021-10-13T13:00:47+00:00 http://feedproxy.google.com/~r/PaloAltoNetworks/~3/acL3uXizchE/ www.secnews.physaphae.fr/article.php?IdArticle=3530568 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-25738 2021-10-11T19:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25738 www.secnews.physaphae.fr/article.php?IdArticle=3502812 False Guideline Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-41117 2021-10-11T17:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41117 www.secnews.physaphae.fr/article.php?IdArticle=3502334 False None Uber None Anomali - Firm Blog Inside TeamTNT's Impressive Arsenal: A Look Into A TeamTNT Server Figure 1 - Overview of /cmd/ Contained on the server are approximately 50 scripts, most of which are already documented, located in the /cmd/ directory.
The objectives of the scripts vary and include the following: AWS Credential Stealer; Diamorphine Rootkit; IP Scanners; Mountsploit; scripts to set up utils; scripts to set up miners; scripts to remove previous miners. Figure 2 - Snippet of AWS Credential Stealer Script One notable script, for example, is the one that steals AWS EC2 credentials, shown above in Figure 2. The AWS access key, secret key, and token are piped into a text file that is uploaded to the Command and Control (C2) server. Figure 3 - Chimaera_Kubernetes_root_PayLoad_2.sh Another interesting script is shown in Figure 3 above, which checks the architecture of the system, and retrieves the XMRig miner version for that architecture from another open TeamTNT server, 85.214.149[.]236. Binaries (/bin/) Figure 4 - Overview of /bin Within the /bin/ folder, shown in Figure 4 above, there is a collection of malicious binaries and utilities that TeamTNT use in their operations. Among the files are well-known samples that are attributed to TeamTNT, including the Tsunami backdoor and an XMRig cryptominer. Some of the tools have the source code located on the server, such as TeamTNT Bot. The folder /a.t.b contains the source code for the TeamTNT bot, shown in Figures 5 and 6 below. In addition, the same binaries have been found on a TeamTNT Docker, noted in Appendix A.
2021-10-06T19:06:00+00:00 https://www.anomali.com/blog/inside-teamtnts-impressive-arsenal-a-look-into-a-teamtnt-server www.secnews.physaphae.fr/article.php?IdArticle=3479896 False Malware,Tool,Threat APT 32,Uber None We Live Security - Editeur Logiciel Antivirus ESET Google to turn on 2FA by default for 150 million users, 2 million YouTubers 2021-10-06T16:51:39+00:00 http://feedproxy.google.com/~r/eset/blog/~3/TR19ooqEMAM/ www.secnews.physaphae.fr/article.php?IdArticle=3481120 False None Uber None Wired Threat Level - Security News Content Creators are Recreating Homelessness in The Sims 2021-09-25T12:00:00+00:00 https://www.wired.com/story/sims-homeless-challenge-youtube www.secnews.physaphae.fr/article.php?IdArticle=3427908 False None Uber None TechRepublic - Security News US Portainer and Canonical expand their partnership 2021-09-23T19:17:23+00:00 https://www.techrepublic.com/article/portainer-and-canonical-expand-their-partnership/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3419581 False None Uber None Kaspersky - Kaspersky Research blog Wake me up till SAS summit ends 2021-09-23T08:00:58+00:00 https://securelist.com/sas-at-home-2021/104303/ www.secnews.physaphae.fr/article.php?IdArticle=3417154 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-25741 2021-09-20T17:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25741 www.secnews.physaphae.fr/article.php?IdArticle=3401579 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-25740 2021-09-20T17:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25740 www.secnews.physaphae.fr/article.php?IdArticle=3401578 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2020-8561 2021-09-20T17:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8561 www.secnews.physaphae.fr/article.php?IdArticle=3401529 False None Uber None Anomali - Firm Blog Anomali Cyber Watch: Azurescape Cloud Threat, 
MSHTML 0-Day in The Wild, Confluence Cloud Hacked to Mine Monero, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Current Anomali ThreatStream users can query these indicators under the “anomali cyber watch” tag. Trending Cyber News and Threat Intelligence S.O.V.A. – A New Android Banking Trojan with Fowl Intentions (published: September 10, 2021) ThreatFabric researchers have discovered a new Android banking trojan called S.O.V.A. The malware is still in the development and testing phase and the threat actor is publicly-advertising S.O.V.A. for trial runs targeting banks to improve its functionality. The trojan’s primary objective is to steal personally identifiable information (PII). This is conducted through overlay attacks, keylogging, man-in-the-middle attacks, and session cookies theft, among others. The malware author is also working on other features such as distributed denial-of-service (DDoS) and ransomware on S.O.V.A.’s project roadmap. Analyst Comment: Always keep your mobile phone fully patched with the latest security updates. Only use official locations such as the Google Play Store / Apple App Store to obtain your software, and avoid downloading applications, even if they appear legitimate, from third-party stores. Furthermore, always review the permissions an app will request upon installation. 
MITRE ATT&CK: [MITRE ATT&CK] Input Capture - T1056 | [MITRE ATT&CK] Man-in-the-Middle - T1557 | [MITRE ATT&CK] Steal Web Session Cookie - T1539 | [MITRE ATT&CK] Network Denial of Service - T1498 | [MITRE ATT&CK] Data Encrypted for Impact - T1486 Tags: Android, Banking trojan, S.O.V.A., Overlay, Keylogging, Cookies, Man-in-the-Middle Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances (published: September 9, 2021) Unit 42 researchers identified and disclosed critical security issues in Microsoft’s Container-as-a-Service (CaaS) offering that is called Azure Container Instances (ACI). A malicious Azure user could have compromised the multitenant Kubernetes clusters hosting ACI, establishing full control over other users' containers. Researchers gave the vulnerability a specific name, Azurescape, highlighting its significance: it is the first cross-account container takeover in the public cloud. Analyst Comment: Azurescape vulnerabilities could have allowed an attacker to execute code on other users' containers, steal customer secrets and images deployed to the platform, and abuse ACI's infrastructure processing power. Microsoft patched ACI shortly after the discl 2021-09-14T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-azurescape-cloud-threat-mshtml-0-day-in-the-wild-confluence-cloud-hacked-to-mine-monero-and-more www.secnews.physaphae.fr/article.php?IdArticle=3369753 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Guideline Uber,APT 15,APT 41 None CybeReason - Vendor blog Azurescape Vulnerability: More Evidence that Microsoft Should Leave Security to the Experts It's been a busy couple weeks for Microsoft - and not in a good way. 
Following the news that a configuration error left Azure cloud customer data exposed to potential compromise, and a security alert from Microsoft about an active exploit targeting a zero-day vulnerability in MSHTML, now there are reports of a critical security vulnerability that can allow attackers to compromise containers in Azure as well. 2021-09-13T12:56:00+00:00 https://www.cybereason.com/blog/azurescape-vulnerability-more-evidence-that-microsoft-should-leave-security-to-the-experts www.secnews.physaphae.fr/article.php?IdArticle=3368199 False Vulnerability Uber None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 'Azurescape' Kubernetes Attack Allows Cross-Container Cloud Compromise 2021-09-09T16:39:13+00:00 https://threatpost.com/azurescape-kubernetes-attack-container-cloud-compromise/169319/ www.secnews.physaphae.fr/article.php?IdArticle=3357274 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-25737 2021-09-06T12:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25737 www.secnews.physaphae.fr/article.php?IdArticle=3342134 False None Uber None Wired Threat Level - Security News They Watched a YouTuber With Tourette's-Then Adopted His Tics 2021-09-02T13:00:00+00:00 https://www.wired.com/story/they-watched-youtuber-with-tourettes-then-adopted-his-tics www.secnews.physaphae.fr/article.php?IdArticle=3325231 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-39159 2021-08-25T19:15:14+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-39159 www.secnews.physaphae.fr/article.php?IdArticle=3284541 False Vulnerability Uber None TroyHunt - Blog Security Uber asked contractor to allow video surveillance in employee homes, bedrooms 2021-08-09T19:50:49+00:00 https://arstechnica.com/?p=1785847 www.secnews.physaphae.fr/article.php?IdArticle=3201305 False None Uber None TechRepublic - Security News US Learn everything you need to know about Python, GitHub, SQL, Kubernetes and 
more 2021-08-04T18:32:12+00:00 https://www.techrepublic.com/article/learn-everything-you-need-to-know-about-python-github-sql-kubernetes-and-more/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3173848 False None Uber None Security Affairs - Blog Secu US CISA and NSA publish guidance to secure Kubernetes deployments 2021-08-04T16:15:25+00:00 https://securityaffairs.co/wordpress/120807/security/kubernetes-guidance.html?utm_source=rss&utm_medium=rss&utm_campaign=kubernetes-guidance www.secnews.physaphae.fr/article.php?IdArticle=3173023 False None Uber None SecurityWeek - Security News New CISA and NSA Guidance Details Steps to Harden Kubernetes Systems 2021-08-04T13:56:11+00:00 http://feedproxy.google.com/~r/securityweek/~3/hAfx9UJ2I14/new-cisa-and-nsa-guidance-details-steps-harden-kubernetes-systems www.secnews.physaphae.fr/article.php?IdArticle=3171842 False None Uber None Bleeping Computer - Magazine Américain NSA and CISA share Kubernetes security recommendations 2021-08-04T01:02:03+00:00 https://www.bleepingcomputer.com/news/security/nsa-and-cisa-share-kubernetes-security-recommendations/ www.secnews.physaphae.fr/article.php?IdArticle=3170515 False None Uber None Security Affairs - Blog Secu Security Affairs newsletter Round 325 2021-08-01T08:55:45+00:00 https://securityaffairs.co/wordpress/120717/breaking-news/security-affairs-newsletter-round-325.html?utm_source=rss&utm_medium=rss&utm_campaign=security-affairs-newsletter-round-325 www.secnews.physaphae.fr/article.php?IdArticle=3157648 False Malware Uber None Korben - Bloger francais How to scan your infrastructure code (IaC) for errors? 
2021-07-31T07:00:00+00:00 http://feedproxy.google.com/~r/KorbensBlog-UpgradeYourMind/~3/3cKjEFs0qV4/scanner-iac.html www.secnews.physaphae.fr/article.php?IdArticle=3154616 False None Uber None Anomali - Firm Blog Anomali Cyber Watch: APT31 Targeting French Home Routers, Multiple Microsoft Vulnerabilities, StrongPity Deploys Android Malware, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Windows “PetitPotam” Network Attack – How to Protect Against It (published: July 21, 2021) Microsoft has released mitigations for a new Windows vulnerability called PetitPotam. Security researcher Gilles Lionel created a proof-of-concept script that abuses Microsoft’s NT LAN Manager (NTLM) protocol called MS-EFSRPC (encrypting file system remote protocol). PetitPotam can only work if the following conditions are met: NTLM authentication is enabled on the domain, Active Directory Certificate Services (AD CS) is being used, and certificate authority web enrollment or certificate enrollment web service is enabled. Exploitation can result in an NTLM relay attack, which is a type of man-in-the-middle attack. Analyst Comment: Microsoft has provided mitigation steps for this attack, which include disabling NTLM on a potentially affected domain, in addition to others. Tags: Vulnerability, Microsoft, PetitPotam, Man-in-the-middle APT31 Modus Operandi Attack Campaign Targeting France (published: July 21, 2021) The French cybersecurity watchdog, ANSSI, issued an alert via France's computer emergency response team (CERT) discussing attacks targeting multiple French entities. The China-sponsored, advanced persistent threat (APT) group APT31 (Judgment Panda, Zirconium) has been attributed to this ongoing activity. 
The group was observed using “a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance as well as attacks.” Analyst Comment: Defense-in-depth (layering of security mechanisms, redundancy, fail-safe defense processes) is the best way to ensure safety from APTs, including a focus on both network and host-based security. Prevention and detection capabilities should also be in place. MITRE ATT&CK: [MITRE ATT&CK] Resource Hijacking - T1496 Tags: APT, APT31, Judgment Panda, Zirconium, Home routers StrongPity APT Group Deploys Android Malware for the First Time (published: July 21, 2021) Trend Micro researchers conducted analysis on a malicious APK sample shared on Twitter by MalwareHunterTeam. The shared sample was discussed as being a trojanized version of an Android app offered on the authentic Syrian E-Gov website, potentially via a watering-hole attack. Researchers took this information and pivoted further to analyze the backdoor functionality of the trojanized app (which is no longer being distributed on the official Syrian E-Gov website). 
Additional samples were identified to be contacting URLs that are identical to or following previous r]]> 2021-07-27T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-apt31-targeting-french-home-routers-multiple-microsoft-vulnerabilities-strongpity-deploys-android-malware-and-more www.secnews.physaphae.fr/article.php?IdArticle=3140285 False Malware,Tool,Vulnerability,Threat APT 31,Uber None Security Affairs - Blog Secu Crooks target Kubernetes installs via Argo Workflows to deploy miners 2021-07-25T15:23:28+00:00 https://securityaffairs.co/wordpress/120544/malware/kubernetes-attacks-argo-workflows.html?utm_source=rss&utm_medium=rss&utm_campaign=kubernetes-attacks-argo-workflows www.secnews.physaphae.fr/article.php?IdArticle=3129614 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-32783 2021-07-23T22:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-32783 www.secnews.physaphae.fr/article.php?IdArticle=3123836 False None Uber None SecurityWeek - Security News Threat Actors Target Kubernetes Clusters via Argo Workflows 2021-07-23T16:00:21+00:00 http://feedproxy.google.com/~r/securityweek/~3/8YQup4vEMfY/threat-actors-target-kubernetes-clusters-argo-workflows www.secnews.physaphae.fr/article.php?IdArticle=3121077 False None Uber None Bleeping Computer - Magazine Américain Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows 2021-07-23T11:27:27+00:00 https://www.bleepingcomputer.com/news/security/attackers-deploy-cryptominers-on-kubernetes-clusters-via-argo-workflows/ www.secnews.physaphae.fr/article.php?IdArticle=3120250 False Threat Uber None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows 2021-07-21T15:19:56+00:00 https://threatpost.com/kubernetes-cyberattacks-argo-workflows/167997/ www.secnews.physaphae.fr/article.php?IdArticle=3105991 False None Uber None TechRepublic - Security News US Kubernetes magic is in 
enterprise standardization, not app portability 2021-07-09T14:37:48+00:00 https://www.techrepublic.com/article/kubernetes-magic-is-in-enterprise-standardization-not-app-portability/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3042589 False None Uber None Bleeping Computer - Magazine Américain White House urges mayors to review local govts' cybersecurity posture 2021-07-07T14:31:10+00:00 https://www.bleepingcomputer.com/news/security/white-house-urges-mayors-to-review-local-govts-cybersecurity-posture/ www.secnews.physaphae.fr/article.php?IdArticle=3034153 False Ransomware Uber None InfoSecurity Mag - InfoSecurity Magazine Russia's APT28 Blamed for Brute Force Campaign Using Kubernetes 2021-07-02T08:42:00+00:00 https://www.infosecurity-magazine.com:443/news/russias-apt-28-blamed-brute-force/ www.secnews.physaphae.fr/article.php?IdArticle=3010767 False Threat Uber,APT 28 None 01net. Actualites - Securite - Magazine Francais These Russian hackers use consumer VPNs to carry out their attacks 2021-07-02T03:55:00+00:00 https://www.01net.com/actualites/ces-hackers-russes-utilisent-des-vpn-grand-public-pour-perpetrer-leur-attaques-2045518.html www.secnews.physaphae.fr/article.php?IdArticle=3022653 False None Uber,APT 28 None Bleeping Computer - Magazine Américain NSA: Russian GRU hackers use Kubernetes to run brute force attacks 2021-07-01T11:00:00+00:00 https://www.bleepingcomputer.com/news/security/nsa-russian-gru-hackers-use-kubernetes-to-run-brute-force-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=3006352 False None Uber None TechRepublic - Security News US The Linux Foundation awards training, certification scholarships to 500 people from around the world 2021-06-30T15:58:45+00:00 https://www.techrepublic.com/article/the-linux-foundation-awards-training-certification-scholarships-to-500-people-from-around-the-world/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3001372 False None Uber None CVE Liste - 
Common Vulnerability Exposure CVE-2021-32690 2021-06-16T22:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-32690 www.secnews.physaphae.fr/article.php?IdArticle=2940684 False Tool,Vulnerability Uber None Anomali - Firm Blog Anomali Cyber Watch: TeamTNT Expand Its Cryptojacking Footprint, PuzzleMaker Attack with Chrome Zero-day, NoxPlayer Supply-Chain Attack Likely The Work of Gelsemium Hackers and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence NoxPlayer Supply-Chain Attack is Likely The Work of Gelsemium Hackers (published: June 14, 2021) ESET researchers have discovered malicious activity dating back to at least 2014 attributed to the Gelsemium cyberespionage group. The group targets electronics manufacturers, governments, religious entities in multiple countries throughout East Asia and the Middle East. Gelsemium demonstrated sophistication in their infection chain with extensive configurations, multiple implants at each stage, and modifying settings on-the-fly for delivering the final payload. The dropper, called Gelsemine, will drop a loader called Gelsenicine that will deliver the final payload, called Gelsevirine. Analyst Comment: Threat actors are always adapting to the security environment to remain effective. New techniques can still be spotted with behavioural analysis defenses and social engineering training. Ensure that your company's firewall blocks all entry points for unauthorized users, and maintain records of how normal traffic appears on your network. Therefore, it will be easier to spot unusual traffic and connections to and from your network to potentially identify malicious activity. Furthermore, ensure that your employees are educated about the risks of opening attachments, particularly from unknown senders and any attachment that requests macros be enabled. 
MITRE ATT&CK: [MITRE ATT&CK] Remote Access Tools - T1219 | [MITRE ATT&CK] Obfuscated Files or Information - T1027 Tags: Cyberespionage, Gelsemium, Supply Chain BackdoorDiplomacy: upgrading from Quarian to Turian (published: June 10, 2021) A new advanced persistent threat (APT) group, dubbed BackdoorDiplomacy, has been targeting ministries of foreign affairs (MOFAs) and telecommunication companies located in Africa and the Middle East since at least 2017, according to ESET researchers. The group was observed targeting “vulnerable internet-exposed devices such as web servers and management interfaces for networking equipment.” BackdoorDiplomacy’s objective is to access a system, use pentesting tools for lateral movement, and install a custom backdoor called “Turian,” which is based on the Quarian backdoor. Analyst Comment: It is important that your company has patch-maintenance policies in place, particularly if there are numerous internet-facing services your company uses or provides. Once a vulnerability has been reported on in open sources, threat actors will likely attempt to incorporate the exploitation of the vulnerability into their malicious operations. Patches should be reviewed and applied as soon as possible to prevent potential malicious activity. 
MITRE ATT&CK: ]]> 2021-06-15T16:05:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-teamtnt-expand-its-cryptojacking-footprint-puzzlemaker-attack-with-chrome-zero-day-noxplayer-supply-chain-attack-likely-the-work-of-gelsemium-hackers-and-more www.secnews.physaphae.fr/article.php?IdArticle=2930142 False Ransomware,Malware,Vulnerability,Threat Uber None TechRepublic - Security News US Why Kubernetes is our modern-day COBOL, says a tech expert 2021-06-10T21:31:08+00:00 https://www.techrepublic.com/article/why-kubernetes-is-our-modern-day-cobol-says-a-tech-expert/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2905574 False None Uber None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Microsoft: Big Cryptomining Attacks Hit Kubeflow 2021-06-10T16:26:28+00:00 https://threatpost.com/microsoft-cryptomining-kubeflow/166777/ www.secnews.physaphae.fr/article.php?IdArticle=2903771 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-21661 2021-06-10T15:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21661 www.secnews.physaphae.fr/article.php?IdArticle=2904023 False None Uber None Bleeping Computer - Magazine Américain Microsoft warns of cryptomining attacks on Kubernetes clusters 2021-06-09T13:05:29+00:00 https://www.bleepingcomputer.com/news/security/microsoft-warns-of-cryptomining-attacks-on-kubernetes-clusters/ www.secnews.physaphae.fr/article.php?IdArticle=2897305 False None Uber None Security Affairs - Blog Secu Microsoft June 2021 Patch Tuesday addresses 6 zero-days actively exploited 2021-06-09T07:48:52+00:00 https://securityaffairs.co/wordpress/118750/security/microsoft-june-2021-patch-tuesday.html?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-june-2021-patch-tuesday www.secnews.physaphae.fr/article.php?IdArticle=2894536 False None Uber None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances 2021-06-09T04:01:03+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/dhqyoGbKN48/crypto-mining-attacks-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=2895231 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-31938 2021-06-08T23:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31938 www.secnews.physaphae.fr/article.php?IdArticle=2893515 False None Uber None InformationSecurityBuzzNews - Site de News Securite New Kubernetes Malware Backdoors Clusters Via Windows Containers, Expert Weighs In 2021-06-08T12:07:44+00:00 https://informationsecuritybuzz.com/expert-comments/new-kubernetes-malware-backdoors-clusters-via-windows-containers-expert-weighs-in/ www.secnews.physaphae.fr/article.php?IdArticle=2890039 False Malware Uber None CVE Liste - Common Vulnerability Exposure CVE-2020-1742 2021-06-07T20:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1742 www.secnews.physaphae.fr/article.php?IdArticle=2887792 False Vulnerability Uber None Security Affairs - Blog Secu Siloscape, first known malware that drops a backdoor into Kubernetes clusters 2021-06-07T19:16:04+00:00 https://securityaffairs.co/wordpress/118690/cyber-crime/siloscape-backdoor-kubernetes-clusters.html?utm_source=rss&utm_medium=rss&utm_campaign=siloscape-backdoor-kubernetes-clusters www.secnews.physaphae.fr/article.php?IdArticle=2887120 True Malware Uber None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Windows Container Malware Targets Kubernetes Clusters 2021-06-07T17:18:48+00:00 https://threatpost.com/windows-containers-malware-targets-kubernetes/166692/ www.secnews.physaphae.fr/article.php?IdArticle=2886462 False Malware Uber None SecurityWeek - Security News 'Siloscape' Malware Targets Windows Server Containers 2021-06-07T17:06:15+00:00 
http://feedproxy.google.com/~r/securityweek/~3/x72s6xdSk0c/siloscape-malware-targets-windows-server-containers www.secnews.physaphae.fr/article.php?IdArticle=2886499 False Malware Uber None ZD Net - Magazine Info Siloscape: this new malware targets Windows containers to access Kubernetes clusters 2021-06-07T10:00:00+00:00 https://www.zdnet.com/article/siloscape-this-new-malware-targets-windows-containers-to-access-kubernetes-clusters/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2884838 False Malware Uber None ComputerWeekly - Computer Magazine Siloscape malware a risk to Windows containers, Kubernetes 2021-06-07T08:30:00+00:00 https://www.computerweekly.com/news/252501997/Siloscape-malware-a-risk-to-Windows-containers-Kubernetes www.secnews.physaphae.fr/article.php?IdArticle=2885397 False Malware Uber None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Researchers Discover First Known Malware Targeting Windows Containers 2021-06-07T07:52:27+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/26A21V2RALs/researchers-discover-first-known.html www.secnews.physaphae.fr/article.php?IdArticle=2885896 False Malware Uber None Bleeping Computer - Magazine Américain New Kubernetes malware backdoors clusters via Windows containers 2021-06-07T06:51:59+00:00 https://www.bleepingcomputer.com/news/security/new-kubernetes-malware-backdoors-clusters-via-windows-containers/ www.secnews.physaphae.fr/article.php?IdArticle=2884730 False Malware Uber None InformationSecurityBuzzNews - Site de News Securite Experts React: White House Open Letter To Companies Re Ransomware 2021-06-04T10:00:59+00:00 https://informationsecuritybuzz.com/expert-comments/experts-react-white-house-open-letter-to-companies-re-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=2873924 False Ransomware,Guideline Uber None Bleeping Computer - Magazine Américain White House urges businesses to "take ransomware crime seriously" 
2021-06-03T09:56:30+00:00 https://www.bleepingcomputer.com/news/security/white-house-urges-businesses-to-take-ransomware-crime-seriously/ www.secnews.physaphae.fr/article.php?IdArticle=2871845 False Ransomware,Guideline Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-3499 2021-06-02T16:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3499 www.secnews.physaphae.fr/article.php?IdArticle=2869691 False Vulnerability,Guideline Uber None CVE Liste - Common Vulnerability Exposure CVE-2020-35514 2021-06-02T14:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35514 www.secnews.physaphae.fr/article.php?IdArticle=2869023 False Vulnerability,Threat Uber None Wired Threat Level - Security News Uber's Union Deal in the UK Doesn't Mean Its Battles Are Over 2021-05-27T15:39:47+00:00 https://www.wired.com/story/uber-union-deal-uk www.secnews.physaphae.fr/article.php?IdArticle=2846774 False None Uber None Security Affairs - Blog Secu Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT 2021-05-26T21:29:00+00:00 https://securityaffairs.co/wordpress/118306/digital-id/kubernetes-clusters-teamtnt.html?utm_source=rss&utm_medium=rss&utm_campaign=kubernetes-clusters-teamtnt www.secnews.physaphae.fr/article.php?IdArticle=2842907 False None Uber None TechRepublic - Security News US The first SUSE version of Rancher Kubernetes is on its way 2021-05-21T12:55:49+00:00 https://www.techrepublic.com/article/the-first-suse-version-of-rancher-kubernetes-is-on-its-way/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2820436 False None Uber None Veracode - Application Security Research, News, and Education Blog Live From RSAC: Anne Neuberger Addresses President Biden's Executive Order on Cybersecurity Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, addressed President Biden's executive order at the virtual RSA Conference this week. 
The executive order, announced on May 12, 2021, aims to safeguard U.S. cybersecurity and modernize cybersecurity defenses. As Neuberger explains, this executive order couldn't come at a more critical time. The Biden administration was challenged with two cybersecurity incidents in the first 100 days - SolarWinds and Microsoft Exchange. Note that the session must have been pre-recorded because she didn't even mention a third attack that disrupted the Colonial Pipeline. The incidents proved three major lessons: Adversaries will look for any opening to attack, including the government's suppliers. Partnerships are critical. The government needs the private sector, and the private sector needs the government. The government needs to modernize cybersecurity defenses. "[These lessons prove that] we need to shift our mindset from incident response to prevention," said Neuberger. "We simply cannot let waiting for the next shoe to drop be the status quo under which we operate." In the software development world, we call this being stuck in a "break/fix" mentality. It is better to build a software development process that causes fewer "breaks." That enables you to deliver more software with fewer failures. We are starting to see cybersecurity learn from software development principles, shifting our cybersecurity problems to the left. Breaches are more detrimental than most organizations realize. Neuberger noted two staggering statistics. In 2019, Accenture reported an average company spends $13 million per breach. And CIS and McAfee reported that cybercrime cost 1 percent of global GDP in 2018. Organizations are far better off spending the money to secure their applications, including demanding better from their vendors, than waiting for a breach. How many small businesses, schools, hospitals, or government agencies have an extra $13 million to spend on an unexpected breach? 
What Neuberger didn't mention is that that same study from Accenture cited an increase of 67 percent in cyberattacks over the past five years. And if cyberattacks continue at this velocity, Accenture calculates a total value at risk of $5.2 trillion globally over the next five years. The president's approach is proactive and includes modernizing cyber defenses, returning to a more active role in cybersecurity internationally, and ensuring that America has a better posture to compete. It was the SolarWinds breach that opened our eyes to the fact that we don't have modern cyber defenses in place. Software supply chain security is of particular concern. "The current model of build, sell, and maybe patch means that the products the federal government buys often have defects and vulnerabilities that developers are accepting as the norm with the expectation that they can patch later. Or perhaps they ship software with defects and vulnerabilities that they don't think merit fixes …. That's not acceptable," said Neuberger. "Security has to be a basic design consideration." Neuberger hinted that the executive order might require federal vendors to build software in a secure development environment. And that software leveraged by the federal government should include strong authentication, encryption and limit privileges.
As for preexisting critical infrastructure that was built before the Internet, the orde 2021-05-21T12:06:56+00:00 https://www.veracode.com/blog/security-news/live-rsac-anne-neuberger-addresses-president-bidens-executive-order www.secnews.physaphae.fr/article.php?IdArticle=2821368 False Ransomware Uber None Veracode - Application Security Research, News, and Education Blog Live From RSAC: AppSec's Future and the Rise of the Chief Product Security Officer Chris Wysopal, Co-Founder and CTO at Veracode, and Joshua Corman, Chief Strategist of Healthcare and COVID at CISA, presented at the 2021 RSA Conference on AppSec's future and the need for a new Chief Product Security Officer (CPSO) role. Wysopal started by quoting entrepreneur Marc Andreessen saying, "Software is eating the world," to express just how much we rely on technology. From our iPhones and laptops to our cars and even our refrigerators … software is everywhere. If we look back at the rise of software, it was largely used originally to automate manual processes in the back office of businesses, like banking software for a teller. But now, we are using software to deliver products to a customer, like a mobile banking application. So as Wysopal stated, "There's not just more software. There are different kinds of software." And this software that's being released as products to customers has added risk. Using the mobile banking application as an example, Wysopal noted that it's riskier to use a customer-facing application to conduct your banking than it is to go to the bank and have a teller use the back-end software. More people have access to the mobile banking application, and anyone in the world could connect to the APIs. And the risk associated with software products is only going to continue to grow. Consider the way we are creating apps now: APIs are the bloodstream. Each microservice, serverless, container, or public API is more attack surface.
Applications that connect with social networking create more attack surface. Migrating to new software and forgetting to retire legacy software leads to more attack surface. And there is risk with new software trends as well. For example, ubiquitous connectivity is the standard mode for any product now. Abstraction and componentization are also big trends. Instead of writing code, we now frequently use a library or write a script to instruct something else to be built. It's great to build applications quickly, but it changes the way you have to think about security and supply chain. Technology trends That's why we need a CPSO role, not just a Chief Information Security Officer (CISO). A CISO is concerned about compliance and protecting the company's brand, but a CPSO would be responsible for managing product risk. Product risk spans so many departments – like engineering, compliance, supplier management, and information risk – and will likely span even more departments over the next few years. CISOs have too much on their plate to be able to take on product risk. Corman mentions that many healthcare organizations have started adding a CPSO-type role to their organizations and others should follow suit. Especially given the increase in software breaches. As mentioned in our blog outlining Anne Neuberger's RSAC address, cyberattacks have increased by 67 percent in the past five years. And many of these breaches – like SolarWinds and Microsoft Exchange – are having national security implications. In fact, the Biden administration recently released an executive order to safeguard U.S. cybersecurity. So having a role that is dedicated to managing product risk is not only beneficial but arguably essential.
For more summaries of RSA Conference 2021 sessions, check the Veracode Blog, 2021-05-20T17:34:42+00:00 https://www.veracode.com/blog/managing-appsec/live-rsac-appsecs-future-and-rise-chief-product-security-officer www.secnews.physaphae.fr/article.php?IdArticle=2818136 False Guideline Uber 2.0000000000000000 Veracode - Application Security Research, News, and Education Blog Live From RSAC: Is Digital Transformation Making AppSec Headless? Chris Wysopal, Veracode Co-Founder and CTO, recently sat down with Tom Field, ISMG Senior Vice President of Editorial, for an executive interview at the RSA Conference 2021 to discuss if digital transformations are making application security (AppSec) "headless." Headless AppSec is an interesting concept. AppSec was traditionally part of the security role. But, as companies become increasingly digital, it's too time-consuming for developers to hand off AppSec scans to security. To combat the hand-off, companies have been moving AppSec scans to the development role. But without the right processes in place and without security knowledge, AppSec scans can be just as laborious in the development phase. The ultimate goal is to make security "headless" or managed as part of code instead of a separate task. The pandemic is definitely expediting this shift to headless AppSec. As Wysopal stated, "There's no doubt that Covid-19 has accelerated all the things that companies were doing anyway, but on a much longer path." Many companies were in the process of a digital transformation but – when the pandemic hit – they realized that in order to be competitive in the market, they needed to ramp up their shift to digital and move to the cloud for more flexibility. The pandemic has also caused organizations to change the way that they're building software. The market is more competitive than ever. So, to keep up, organizations need to iterate quickly and go to market faster.
In fact, many organizations are coming up with a new feature in a day and going to production in a day. But this speed is proving the need for headless AppSec. You can no longer have different teams building code, testing code, etc. You need to automate these processes and have them handled by one team. Ideally, the developers should be able to not only write code but also diagnose bugs and put fixes in place. For example, infrastructure itself is becoming very dynamic and programmable. Consider the rise of microservices, container security, and Kubernetes. It's pushing all the things operations used to do into code so that developers can control it. Development and operations aren't the only two functions that should be on the same team; security should be as well. Security tools should be put in the developer pipeline so they can remediate flaws without having to connect with security personnel. Wysopal advocates for a security champions program to help train interested developers in security best practices. These developers can act as the voice of security on their scrum teams, eliminating the need for a security hand-off. And all security tools should be automated into the developers' existing tools and processes so that they don't have to spend additional time conducting AppSec scans. This automation could open the door to machine learning and artificial intelligence. Machine learning thrives off data sets from automation. It can evaluate scan data and code that was previously remediated to come up with rules for auto-remediation. If AppSec scans are automated and remediation is automated, that would be the ultimate form of headless AppSec. According to Wysopal, auto-remediation is a very real possibility and we should be seeing it by the end of the year.
For more updates on the RSA Conference 2021, check out the Veracode Blog, daily. 2021-05-20T16:59:46+00:00 https://www.veracode.com/blog/managing-appsec/live-rsac-digital-transformation-making-appsec-headless www.secnews.physaphae.fr/article.php?IdArticle=2818137 False None Uber 4.0000000000000000 Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Can Nanotech Secure IoT Devices From the Inside-Out? 2021-05-19T20:24:50+00:00 https://threatpost.com/nanotech-secure-iot-devices/166324/ www.secnews.physaphae.fr/article.php?IdArticle=2812959 False None Uber None InfoSecurity Mag - InfoSecurity Magazine #RSAC: Anne Neuberger Sets Out Biden Administration's Plan to Modernize US Cyber-defenses 2021-05-18T17:52:00+00:00 https://www.infosecurity-magazine.com:443/news/biden-modernize-us-cyber-defenses/ www.secnews.physaphae.fr/article.php?IdArticle=2806818 False None Uber None TechRepublic - Security News US Loft Labs introduces and open sources virtual Kubernetes clusters 2021-05-13T17:47:50+00:00 https://www.techrepublic.com/article/loft-labs-introduces-and-open-sources-virtual-kubernetes-clusters/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2781043 False None Uber None Wired Threat Level - Security News Biden Makes a Deal With Uber and Lyft in the Name of Vaccines 2021-05-11T23:56:55+00:00 https://www.wired.com/story/biden-deal-uber-lyft-name-vaccines www.secnews.physaphae.fr/article.php?IdArticle=2770868 False None Uber,Uber None SecurityWeek - Security News Red Hat Open-Sourcing StackRox Security Technology 2021-05-05T13:41:32+00:00 http://feedproxy.google.com/~r/Securityweek/~3/LqC-VFZ_EI4/red-hat-open-sourcing-stackrox-security-technology www.secnews.physaphae.fr/article.php?IdArticle=2742164 False None Uber None TroyHunt - Blog Security Uber, Lyft stocks plunge after Biden official says drivers are employees 2021-04-29T20:02:06+00:00 https://arstechnica.com/?p=1761333 www.secnews.physaphae.fr/article.php?IdArticle=2716862 False None
Uber,Uber None Veracode - Application Security Research, News, and Education Blog Executive Order on Cybersecurity Is Imminent: It's Been a Long Time Coming Following President Biden's address to Congress last night in which he referenced cybersecurity as a priority twice, news is circulating today that the executive order on cybersecurity is imminent. This news comes as a much awaited and long overdue step towards creating standardization and structure around cybersecurity. Anne Neuberger, the deputy national security advisor for cyber and emerging technology, says the order will be like the National Transportation Safety Board, or NTSB, for cyber. "What can we learn with regard to how we get advance warning of such incidents," she recently told reporters. She also notes that this executive order will be a starting point that should eventually trickle down to the consumer market as well. "If we start incentivizing security, then companies, [and] the market will then inherently prioritize it because more people will buy the product," she says. From my perspective, I am happy that this topic is finally coming full circle. In 2013, Chris Wysopal addressed this very topic in a keynote at RVASec where he discussed "The Future of Government Sharing." In fact, Chris started creating awareness with the federal government 23 years ago when he and some colleagues from hacker thinktank the L0pht testified to Congress in efforts to expose the risks and threats of cybersecurity. Eight years later, I joined Chris when he launched Veracode to actually start solving the critical problem of software security – together we focused on helping developers and security teams on not just finding but also fixing vulnerabilities in their software (developed in-house, open source or third-party purchased).
Just last month on International Women's Day, I sat down with The New York Times cybersecurity reporter Nicole Perlroth and OWASP board member Vandana Verma to discuss this topic at an RSA Conference Podcast – sharing that Veracode's recent research revealed that 66 percent of applications fail to meet the OWASP Top 10 standards, meaning they have a major vulnerability. This highlights that there is work to be done and we must embed security testing into the software development lifecycle so, as developers write code, they write securely. In that discussion, Perlroth said, "We can't be trying to band-aid on these fixes after vulnerable code has already made its way to users, but also into critical infrastructure … We need to think about security and security design from the start. We have to start bringing in security engineers from the very beginning." Part of making software more secure involves integrating security into the software development lifecycle and training developers. We should not expect secure code if we haven't established clarity on what good looks like, equipped developers with the right guidance, the right knowledge, and the right tools. The executive order has been a long time coming, and I hope it establishes what the right expectations and accountability should be. We must put structure and standardization around cyber and software security, and there are a number of great examples on how this has been done successfully.
One of our customers, an educational software vendor, joined the Veracode Verified program in order to provide evidence of its security processes and 2021-04-29T15:20:23+00:00 https://www.veracode.com/blog/security-news/executive-order-cybersecurity-imminent-its-been-long-time-coming www.secnews.physaphae.fr/article.php?IdArticle=2716617 False None Uber None TechRepublic - Security News US In new release, OpenStack Wallaby reaches out to Kubernetes 2021-04-28T19:10:05+00:00 https://www.techrepublic.com/article/in-new-release-openstack-wallaby-reaches-out-to-kubernetes/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2710506 False None Uber None Wired Threat Level - Security News He's a WWE Pro and a Vtuber. Those Worlds Aren't So Different 2021-04-28T11:00:00+00:00 https://www.wired.com/story/brennan-williams-mace-jibo-wwe-vtubing www.secnews.physaphae.fr/article.php?IdArticle=2707880 False None Uber None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC What Docker runtime deprecation means for your Kubernetes blog post that the version contained 42 enhancements. Of those enhancements, 16 entered into alpha, while the remainder moved to beta or graduated to stable at 15 and 11, respectively. That’s not all that was in Kubernetes version 1.20, however. The new release also came with the announcement of dockershim’s forthcoming deprecation. This blog post will discuss what this change means to admins and provide some recommendations on how admins can respond. Before we do that, however, we need to cover the basics of how dockershim relates to Kubernetes and why the platform decided to deprecate the component in the first place. An Overview of Dockershim Dockershim is a module used by the kubelet to support Container Runtime Interface (CRI) for Docker. Released back with Kubernetes version 1.5 in 2016, CRI is a plugin that allows the kubelet to use different container runtimes without recompiling.
Those Kubernetes-supported software that are responsible for containers include containerd, CRI-O and Docker for the next few months, at least. The issue with dockershim is that this container runtime predates Kubernetes’ release of CRI. As noted in its documentation, Kubernetes’ early releases offered compatibility with just one container runtime: Docker. That changed as time went on and as cluster operators expressed the desire to interact with other container runtimes. Kubernetes created CRI to help those cluster operators, but as its support of Docker came before CRI, the container orchestration platform had to come up with an adaptor component that helped the kubelet interact with the Docker container runtime as if it were a CRI compatible runtime. This led to the emergence of dockershim. Keeping dockershim around ultimately created problems for Kubernetes, however. The issue here is that the kubelet needs to call another component—dockershim—before it can interact with containerd, CRI-O or another supported CRI. It’s a middle man that complicates container runtimes for the platform as a whole. Indeed, in the words of Kubernetes, “that’s not great, because it gives us another thing that has to be maintained and can possibly break.” Dockershim was only meant to be a temporary solution. Acknowledging that fact, the task of maintaining dockershim had become sufficiently problematic by the end of 2020 that it placed “a heavy burden on the Kubernetes maintainers,” according to the platform. Hence Kubernetes’ decision to deprecate the component. Going forward, Kubernetes will inform administrators of this deprecating issue starting in version 1.20.
As explained by StackRox in a blog post: If you currently use a managed Kubernetes service or a distribution like OpenShift, your provide 2021-04-28T10:00:00+00:00 https://feeds.feedblitz.com/~/650251542/0/alienvault-blogs~What-Docker-runtime-deprecation-means-for-your-Kubernetes www.secnews.physaphae.fr/article.php?IdArticle=2707520 False None Uber None Veracode - Application Security Research, News, and Education Blog DevSecOps in Practice: How to Embed Security into the DevOps Lifecycle You've heard of DevOps. And by now, you've probably also heard of DevSecOps, which extends DevOps principles into the realm of security. In DevSecOps, security breaks out of its "silo" and becomes a core part of the DevOps lifecycle. That, at least, is the theory behind DevSecOps. What's often more challenging for developers to figure out is how to apply DevSecOps in practice. Which tools and processes actually operationalize DevSecOps? Until you can answer that question, DevSecOps will be just another buzzword. To help bridge the gap between theory and practice, let's walk through what DevSecOps means from a practical perspective, and how to go about embedding it into your development workflows. DevSecOps, defined If you're familiar with DevOps (which encourages collaboration between developers and IT operations engineers in order to speed application delivery), then the meaning of DevSecOps is easy enough to understand. DevSecOps adds security operations teams into the equation so that they can collaborate seamlessly with developers and IT engineers. DevSecOps places a DevOps spin on basic security concepts. Just as DevOps encourages continuous delivery, DevSecOps is all about continuous security – meaning the constant and holistic management of security across the software development lifecycle. Similarly, DevSecOps encourages continuous improvement in the realm of security –
meaning that no matter how secure you believe your environment is, you should always be looking for ways to improve your security posture even further. DevSecOps in practice These are all great ideas to talk about, and it's easy to see why they are valuable. Security postures are indeed stronger when developers, IT engineers, and security engineers work together, rather than working in isolation. It's much easier to optimize security when developers prioritize security with every line of code they write, and when IT engineers think about the security implications of every deployment they push out, rather than viewing security as something that someone else will handle down the line. The big question for teams that want to embrace DevSecOps, though, is how to go about putting these ideas into practice. That's where things can get tougher. There is no simple methodology that allows you to "do" DevSecOps. Nor is there a specific tool that you can deploy or a particular role that you can add to your team. Instead, operationalizing DevSecOps means building holistic combinations of processes and tools that make it possible to integrate security into DevOps workflows. While the best approach to this will vary from team to team, the following are some general best practices for implementing DevSecOps. Scanning early and often One basic step toward implementing DevSecOps is to ensure that you perform security tests and audits at the beginning of the software delivery pipeline. You don't want to wait until code is written and built to start testing it for flaws (and you certainly don't want to let it get into production before testing it). Instead, you should be scanning code as it is written, by integrating security tooling directly into your IDEs if possible. Importantly, security scanning should continue as code "flows" down the pipeline. You should scan your test builds and application release candidates before deployment.
Security monitoring and auditing should also continue once code is in production. Automation Automation is a founding principle of DevOps, and it's just as important to DevSecOps. Automation not only makes processes faster and more efficient, but also helps reduce friction between the different stakeholders in DevSecOps 2021-04-19T09:05:28+00:00 https://www.veracode.com/blog/secure-development/devsecops-practice-how-embed-security-devops-lifecycle www.secnews.physaphae.fr/article.php?IdArticle=2665989 False Tool Uber 3.0000000000000000 TroyHunt - Blog Security The largest independent self-driving startup is under a lot of pressure 2021-04-16T11:41:36+00:00 https://arstechnica.com/?p=1757299 www.secnews.physaphae.fr/article.php?IdArticle=2652183 False None Uber None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Security Bug Allows Attackers to Brick Kubernetes Clusters 2021-04-14T20:56:27+00:00 https://threatpost.com/security-bug-brick-kubernetes-clusters/165413/ www.secnews.physaphae.fr/article.php?IdArticle=2641177 False Vulnerability Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-28448 2021-04-13T20:15:20+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28448 www.secnews.physaphae.fr/article.php?IdArticle=2633982 False None Uber None TechRepublic - Security News US Canonical announces enterprise support for Kubernetes 1.21 from the cloud to the edge 2021-04-09T15:50:00+00:00 https://www.techrepublic.com/article/canonical-announces-enterprise-support-for-kubernetes-1-21-from-the-cloud-to-the-edge/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2612429 False Patching Uber None TechRepublic - Security News US MinIO adds key management tools to its Kubernetes object storage product 2021-04-08T18:37:44+00:00 https://www.techrepublic.com/article/minio-adds-key-management-tools-to-its-kubernetes-object-storage-product/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2606537 False None
Uber None TroyHunt - Blog Security Riders face long waits as Uber and Lyft struggle to recruit drivers 2021-04-07T19:10:37+00:00 https://arstechnica.com/?p=1755140 www.secnews.physaphae.fr/article.php?IdArticle=2600578 False None Uber,Uber None Schneier on Security - Chercheur Cryptologue Américain Phone Cloning Scam reporting on a cell phone cloning scam. The scammer convinces the victim to lend them their cell phone, and the scammer quickly clones it. What’s clever about this scam is that the victim is an Uber driver and the scammer is the passenger, so the driver is naturally busy and can’t see what the scammer is doing. 2021-04-06T11:05:07+00:00 https://www.schneier.com/blog/archives/2021/04/phone-cloning-scam.html www.secnews.physaphae.fr/article.php?IdArticle=2592543 False None Uber,Uber None Fortinet - Fabricant Materiel Securite Fortinet Adaptive Cloud Security Extends Cloud-native Security and Visibility to Protect Container 2021-04-05T00:00:00+00:00 http://feedproxy.google.com/~r/fortinet/blogs/~3/PpL5QeRFakg/fortinet-adaptive-cloud-security-cloud-native-security-protect-containers www.secnews.physaphae.fr/article.php?IdArticle=2589581 False None Uber None TroyHunt - Blog Security YouTuber Patrick (H) Willems has thoughts on movies-lots of thoughts 2021-03-22T18:51:15+00:00 https://arstechnica.com/?p=1751239 www.secnews.physaphae.fr/article.php?IdArticle=2518457 False None Uber None Security Affairs - Blog Secu Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?
2021-03-19T20:23:13+00:00 https://securityaffairs.co/wordpress/115755/security/amazon-elastic-kubernetes-service-eks.html?utm_source=rss&utm_medium=rss&utm_campaign=amazon-elastic-kubernetes-service-eks www.secnews.physaphae.fr/article.php?IdArticle=2507832 False None Uber None TroyHunt - Blog Security Uber concedes UK drivers are workers-some drivers aren't satisfied 2021-03-18T17:27:13+00:00 https://arstechnica.com/?p=1750454 www.secnews.physaphae.fr/article.php?IdArticle=2501589 False None Uber,Uber None Wired Threat Level - Security News Uber Says Its UK Drivers Are 'Workers,' but Not Employees 2021-03-17T20:08:53+00:00 https://www.wired.com/story/uber-uk-drivers-workers-not-employees www.secnews.physaphae.fr/article.php?IdArticle=2497629 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-20218 2021-03-16T21:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20218 www.secnews.physaphae.fr/article.php?IdArticle=2492900 False Vulnerability,Threat Uber None TechRepublic - Security News US Simplifying the mystery: When to use docker, docker-compose, and Kubernetes 2021-03-16T15:48:59+00:00 https://www.techrepublic.com/article/simplifying-the-mystery-when-to-use-docker-docker-compose-and-kubernetes/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2491216 False None Uber None InfoSecurity Mag - InfoSecurity Magazine Uber and Lyft Pool Driver Info to Boost Passenger Safety 2021-03-15T11:30:00+00:00 https://www.infosecurity-magazine.com:443/news/uber-and-lyft-pool-driver-info/ www.secnews.physaphae.fr/article.php?IdArticle=2485441 False None Uber None ZD Net - Magazine Info Uber, Lyft to share data on drivers banned for sexual, physical assault 2021-03-12T11:38:31+00:00 https://www.zdnet.com/article/uber-lyft-to-share-data-on-drivers-banned-for-sexual-physical-assault/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2473827 False None Uber None CVE Liste - Common Vulnerability Exposure
CVE-2021-21334 2021-03-10T22:15:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21334 www.secnews.physaphae.fr/article.php?IdArticle=2465000 False Vulnerability Uber None Wired Threat Level - Security News Gig Companies Fear a Worker Shortage, Despite a Recession 2021-03-05T13:00:00+00:00 https://www.wired.com/story/gig-companies-fear-worker-shortage-despite-recession www.secnews.physaphae.fr/article.php?IdArticle=2438719 False None Uber,Uber None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Tips for minimizing security risks in your microservices microservices to facilitate their ongoing digital transformations. According to ITProPortal, more than three quarters (77%) of software engineers, systems and technical architects, engineers and decision makers said in a 2020 report that their organizations had adopted microservices. Almost all (92%) of those respondents reported a high level of success. (This could explain why 29% of survey participants were planning on migrating the majority of their systems to microservices in the coming years.) Containers played a big part in some of those surveyed organizations’ success stories. Indeed, 49% of respondents who claimed “complete success” with their organizations’ microservices said that they had deployed at least three quarters of those microservices in containers. Similarly, more than half (62%) of the report’s participants said that their organizations were deploying at least some of their microservices using containers. The benefits and challenges of microservices Microservices present numerous opportunities to organizations that adopt them. They are smaller in size, notes Charter Global, which makes it possible to maintain code and add more features in a shorter amount of time. 
Organizations also have the option of deploying individual microservices independently of one another, thereby feeding a more dynamic release cycle, as well as of scaling these services horizontally. Notwithstanding those benefits, microservices introduce several security challenges. Computer Weekly cited complexity as the main security issue. Without a uniform way of designing them, admins can design microservices in different environments with different communication channels and programming languages. All of this variety introduces complexity that expands the attack surface. So too does the growing number of microservices. As they scale their microservices to fulfill their evolving business needs, organizations need to think about maintaining the configurations for all of those services. Monitoring is one answer, but they can’t rely on manual processes to obtain this level of visibility. Indeed, manual monitoring leaves too much room for human error to increase the level of risk that these services pose to organizations. Kubernetes as an answer Fortunately, Kubernetes can help organizations to address these challenges associated with their microservices architecture. Admins can specifically use the popular container management platform to maintain their microservices architecture by isolating, protecting and controlling workload through the use of Network Policies, security contexts enforced by OPA Gatekeeper and secrets management. Kubernetes network policies According to Kubernetes’ documentation, groups of containers called “pods” are non-isolated by default. They accept traffic from any source in a standard deployment. This is dangerous, as attackers could subsequently leverage the compromise of one pod to move laterally to any other pod within the cluster. Admins can isolate these pods by creating a Network Policy. 
These components 2021-03-04T11:00:00+00:00 https://feeds.feedblitz.com/~/645641730/0/alienvault-blogs~Tips-for-minimizing-security-risks-in-your-microservices www.secnews.physaphae.fr/article.php?IdArticle=2432731 False None Uber None TroyHunt - Blog Security This startup has an intriguing concept for EV battery swaps 2021-03-03T20:38:03+00:00 https://arstechnica.com/?p=1746803 www.secnews.physaphae.fr/article.php?IdArticle=2430177 False None Uber None SecurityWeek - Security News New CISO Hires at Uber, Square, SailPoint 2021-03-03T19:21:06+00:00 http://feedproxy.google.com/~r/Securityweek/~3/waMqRyeIPQQ/new-ciso-hires-uber-square-sailpoint www.secnews.physaphae.fr/article.php?IdArticle=2429669 False Guideline Uber,Uber 5.0000000000000000 TechRepublic - Security News US How to quickly validate your Kubernetes configuration files 2021-03-03T17:51:31+00:00 https://www.techrepublic.com/article/how-to-quickly-validate-your-kubernetes-configuration-files/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2429088 False Tool Uber None CVE Liste - Common Vulnerability Exposure CVE-2021-24109 2021-02-25T23:15:16+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24109 www.secnews.physaphae.fr/article.php?IdArticle=2401542 False None Uber 3.0000000000000000