#CVE #Vim
Be careful even in #Linux when you open a file from unfamiliar sources!
And don't use Vim with default config (or cat without -v):
https://thehackernews.com/2019/06/linux-vim-vulnerability.html?m=1
Be careful even in #Linux when you open a file from unfamiliar sources!
And don't use Vim with default config (or cat without -v):
https://thehackernews.com/2019/06/linux-vim-vulnerability.html?m=1
#hack #music #ransomware
A little to the side, but yes, never pay the ransom!
https://techcrunch.com/2019/06/11/radiohead-hack/
A little to the side, but yes, never pay the ransom!
https://techcrunch.com/2019/06/11/radiohead-hack/
TechCrunch
Some sage security advice after Radiohead’s unreleased music hack
Bad news: Radiohead was hacked. Last week, a hacker stole the band's lead singer Thom Yorke's private minidisk archive from the band's third album and
#hack #password
On the one hand, yes, it probably should have been done long ago.
With another — I wonder how much it will affect those who are using haveibeenpwned API:
https://www.troyhunt.com/project-svalbard-the-future-of-have-i-been-pwned/
On the one hand, yes, it probably should have been done long ago.
With another — I wonder how much it will affect those who are using haveibeenpwned API:
https://www.troyhunt.com/project-svalbard-the-future-of-have-i-been-pwned/
Troy Hunt
Project Svalbard: The Future of Have I Been Pwned
Back in 2013, I was beginning to get the sense that data breaches were becoming a big thing. The prevalence of them seemed to be really ramping up as was the impact they were having on those of us that found ourselves in them, myself included. Increasingly…
#k8s
Oh, there was a #video – I need to find time to listen to at least a few.
https://www.youtube.com/playlist?list=PLj6h78yzYM2PpmMAnvpvsnR4c27wJePh3
Oh, there was a #video – I need to find time to listen to at least a few.
https://www.youtube.com/playlist?list=PLj6h78yzYM2PpmMAnvpvsnR4c27wJePh3
YouTube
KubeCon + CloudNativeCon Europe 2019 (Barcelona) - YouTube
#CVE #Exim
In the discussion, some mention the lack of antivirus for #Linux. It seems to me that regular backups (and checking from deployment) are more important. Not to mention the updates.
https://www.exim.org/static/doc/security/CVE-2019-10149.txt
https://habr.com/en/post/455598/
In the discussion, some mention the lack of antivirus for #Linux. It seems to me that regular backups (and checking from deployment) are more important. Not to mention the updates.
https://www.exim.org/static/doc/security/CVE-2019-10149.txt
https://habr.com/en/post/455598/
Хабр
Срочно обновляйте exim до 4.92 — идёт активное заражение
Коллеги, кто использует на своих почтовых серверах Exim версий 4.87...4.91 — срочно обновляйтесь до версии 4.92, предварительно остановив сам Exim во избежание в...
Official response from #Google about #OAuth in #tests
https://issuetracker.google.com/issues/67954589
https://issuetracker.google.com/issues/67954589
DevTestSecOps
#CVE #Exim In the discussion, some mention the lack of antivirus for #Linux. It seems to me that regular backups (and checking from deployment) are more important. Not to mention the updates. https://www.exim.org/static/doc/security/CVE-2019-10149.txt …
https://vc.ru/services/67801-yandeks-obyasnil-oshibkoy-udalenie-virtualnyh-mashin-chasti-polzovateley-oblaka
#Yandex explained that deleting #VM was accidental human error.
Again, #cloud != #backup
#Yandex explained that deleting #VM was accidental human error.
Again, #cloud != #backup
#k8s #failure
An interesting selection, I will have to get acquainted with:
https://github.com/hjacobs/kubernetes-failure-stories
An interesting selection, I will have to get acquainted with:
https://github.com/hjacobs/kubernetes-failure-stories
GitHub
GitHub - hjacobs/kubernetes-failure-stories: Compilation of public failure/horror stories related to Kubernetes
Compilation of public failure/horror stories related to Kubernetes - hjacobs/kubernetes-failure-stories
Forwarded from DOFH - DevOps from hell
https://access.redhat.com/security/vulnerabilities/tcpsack
+
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
В ядре Linux проблемы устранены в выпусках 4.4.182, 4.9.182, 4.14.127, 4.19.52 и 5.1.11. Исправление для FreeBSD доступно в виде патча. В дистрибутивах обновления пакетов с ядром уже выпущено для Debian, RHEL, SUSE/openSUSE. Исправление в процессе подготовки в Ubuntu, Fedora и Arch Linux.
www.opennet.ru/opennews/art.shtml?num=50889
+
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
В ядре Linux проблемы устранены в выпусках 4.4.182, 4.9.182, 4.14.127, 4.19.52 и 5.1.11. Исправление для FreeBSD доступно в виде патча. В дистрибутивах обновления пакетов с ядром уже выпущено для Debian, RHEL, SUSE/openSUSE. Исправление в процессе подготовки в Ubuntu, Fedora и Arch Linux.
www.opennet.ru/opennews/art.shtml?num=50889
Red Hat Customer Portal
TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479 | Red Hat Customer Portal
Access Red Hat’s knowledge, guidance, and support through your subscription.