sec21fall-heinrich.pdf
PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop
Evolving Kubernetes networking with the Gateway API
https://kubernetes.io/blog/2021/04/22/evolving-kubernetes-networking-with-the-gateway-api/
Kubernetes
The Ingress resource is one of the many Kubernetes success stories. It created a diverse ecosystem of Ingress controllers which were used across hundreds of thousands of clusters in a standardized and consistent way. This standardization helped users adopt…
GitHub - microsoft/wslg: Enabling the Windows Subsystem for Linux to include support for Wayland and X server related scenarios
https://github.com/microsoft/wslg
GitHub
Enabling the Windows Subsystem for Linux to include support for Wayland and X server related scenarios - microsoft/wslg
GitLab 13.11 released with Kubernetes Agent and Pipeline Compliance | GitLab
https://about.gitlab.com/releases/2021/04/22/gitlab-13-11-released/
GitLab
GitLab 13.11 released with Kubernetes Agent and Pipeline Compliance
GitLab 13.11 released with Kubernetes Agent, Compliant Pipelines, and features for speedier pipelines - and much more!
Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities
https://www.cybereason.com/blog/prometei-botnet-exploiting-microsoft-exchange-vulnerabilities
Cybereason
The multi-stage cryptocurrency botnet has been observed exploiting the Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate networks...
Response to Qlocker Ransomware Attacks: Take Actions to Secure QNAP NAS
https://www.qnap.com/en/news/2021/response-to-qlocker-ransomware-attacks-take-actions-to-secure-qnap-nas
Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools
https://www.trendmicro.com/en_us/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html
Trend Micro
We found a botnet malware campaign targeting Linux systems, abusing the Tor network for proxies, and exploiting cloud infrastructure management tools for intrusion.
Detecting Secrets to Reduce Attack Surface
At present there are no (or few) publicly available open-source tools for detecting secrets in container images. The authors describe the open-source tool SecretScanner, which is designed to detect secrets that end up stored in images unintentionally or through an image design error.
Examples of secrets:
- user passwords
- auto-generated passwords
- database passwords
- SSH keys
- API keys
- authorization keys
- tokens
- SSL certificates
https://medium.com/deepfence-cloud-native-security/detecting-secrets-to-reduce-attack-surface-3405ee6329b5
GitHub
GitHub - deepfence/SecretScanner: :unlock: Find secrets and passwords in container images and file systems :unlock:
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock: - GitHub - deepfence/SecretScanner: :unlock: Find secrets and passwords in container images and f...
About the security content of iOS 14.5 and iPadOS 14.5 - Apple Support
Quite a lot of patches from Apple, fixing a fair number of vulnerabilities
https://support.apple.com/en-us/HT212317
Apple Support
About the security content of iOS 14.5 and iPadOS 14.5
This document describes the security content of iOS 14.5 and iPadOS 14.5.
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol - SentinelLabs
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
SentinelOne
A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there's no patch in sight.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Linux Security Module Usage
https://www.kernel.org/doc/html/v4.15/admin-guide/LSM/index.html
…
KubeArmor
https://github.com/accuknox/KubeArmor#getting-started
GitHub
GitHub - kubearmor/KubeArmor: Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive…
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor). - kubearmor/KubeArmor
HCSEC-2021-12 - Codecov Security Event and HashiCorp GPG Key Exposure
https://discuss.hashicorp.com/t/hcsec-2021-12-codecov-security-event-and-hashicorp-gpg-key-exposure/23512
HashiCorp Discuss
Bulletin ID: HCSEC-2021-12 Publication Date: April 22, 2021 Summary HashiCorp was impacted by a security incident with a third party (Codecov) that led to potential disclosure of sensitive information. As a result, the GPG key used for release signing…
Supply chain risk management from NIST/CISA
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) provide information on software supply chain attacks, the associated risks, and how organizations can mitigate those risks
https://csrc.nist.gov/projects/cyber-supply-chain-risk-management
CSRC | NIST
Cybersecurity Supply Chain Risk Management | CSRC | CSRC
Cybersecurity Supply Chain Risk Management (C-SCRM) involves identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of Information Communications Technology and Operational Technology (ICT/OT) product and…
Fedora Linux 34 is officially here! - Fedora Magazine
https://fedoramagazine.org/announcing-fedora-34/
What's new in Fedora:
https://fedoramagazine.org/whats-new-fedora-34-workstation/
Fedora Magazine
Fedora Linux 34 is released and ready for you to install or upgrade today.
SSHing to my Raspberry Pi 400 from a browser, with Cloudflare Tunnel and Auditable Terminal
https://blog.cloudflare.com/ssh-raspberry-pi-400-cloudflare-tunnel-auditable-terminal/
The Cloudflare Blog
This is how I set up a Pi 400 on my home network, used Cloudflare Tunnel to connect it to the Cloudflare network, used Auditable Terminal to connect to the Pi 400 via Cloudflare and the tunnel using nothing more than a browser.
The NGINX Handbook
https://www.freecodecamp.org/news/the-nginx-handbook/amp/
freeCodeCamp.org
The NGINX Handbook – Learn NGINX for Beginners
A young Russian developer named Igor Sysoev was frustrated by older web servers' inability to handle more than 10 thousand concurrent requests. This is a problem referred to as the C10k problem. As an answer to this, he started working on a new web s...
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel
https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html?m=1
Cisco Talos Blog
Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel
Lilith >_> and Claudio Bozzato of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel.
The Linux Kernel is the free and open-source core of Unix-like…
Chrome 90.0.4430.93 for Windows, Mac and Linux which will roll out over the coming days/weeks
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 90.0.4430.93 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list...
APT trends report Q1 2021
https://securelist.com/apt-trends-report-q1-2021/101967/
Securelist
This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in…
Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability
SharePoint is in danger..
https://www.trendmicro.com/en_us/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html
Trend Micro
We discuss the technical features of a Hello ransomware attack, including its exploitation of CVE-2019-0604 and the use of a modified version of the China Chopper web shell.