An Elastic Security Advisory (ESA) is a notice from Elastic to its users of a new Elasticsearch vulnerability. The vendor assigns both a CVE and an ESA identifier to each advisory along with a summary and remediation details. When Elastic receives an issue, they evaluate it and, if the vendor decides it is a vulnerability, work to fix it before releasing a remediation in a timeframe that matches the severity.
The first time I created a cloud compute instance, then still called a “Cloud VM”, was an almost transcendent moment. It was like magic. I was at my first organization which had adopted the cloud, in my first DevOps position, and I immediately knew that the world had changed.
Before we dive into the gap in cloud network security, let’s take a step back. If you’ve been in Operations for a while, you might remember how it used to be. “Network” was a team. When you needed to open a port on the network, you had to provide an exhaustive definition of the change, explaining what port you needed, what external addresses should be able to reach it, and where it should be routed to internally.
This post will help you write effective Snort Rules to materially improve your security posture. We’ll begin with a breakdown of how a Rule is constructed and then explore best practices with examples in order to capture as many malicious activities as possible while using as few rules as possible. Snort is an open-source network intrusion detection system (NIDS) that provides real-time packet analysis and is part of the Coralogix STA solution.
An investigation into a suspicious Facebook Messenger message led to the identification of an active Facebook phishing campaign seemingly resulting in victim accounts being abused by the threat actor to further propagate the phishing lure.
By now, we have a good understanding of what secure remote access (SRA) is and why organizations might choose to enable it for their OT environments. We also know that securing IT-OT collaboration, leveraging guidance from best practice frameworks and using an automated solution can help organizations to implement this type of access. Even so, we still don’t have a detailed view of how to implement industrial remote access in practice.
A few weeks, ago, technology news site The Verge reported on a new Ring security camera that is in fact a drone that flies around inside your house. Available beginning next year, the ‘Always Home Cam’ is supposed to give its owners a total view of their home without the need for multiple cameras. Those worried about break-ins or other kinds of suspicious activities may like the idea of being a fly on the wall in any room inside the house, even when they’re away from home.
Nowadays I do not need to waste my time fidgeting what I want to binge watch this weekend because my Netflix seems to knows what I would want to see better than me. And I often cringe if people ask me to share my Netflix account with them as that disturbs my suggestion algorithm. Similarly, while ordering from Myntra, it shows me suggestion of products which are available in my size and according to my spending capacity based on my previous buying habits.
While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8563) in Kubernetes that may cause sensitive data leakage. You would be affected by CVE-2020-8563 if you created a Kubernetes cluster over vSphere, and enabled vSphere as a cloud provider with logging level set to 4 or above. In that case, your vSphere user credentials will be leaked in the cloud-controller-manager‘s log.
