Critical Vulnerability Uncovered In Kubernetes

The first major security flaw has been uncovered in Kubernetes, the popular container orchestration system developed by Google. The vulnerability, identified as CVE-2018-1002105, carries a critical CVSS V3 rating of 9.8 due ...
Matthew Pascucci

Podcast: CISO Speak – Vulnerability Management in the Cloud

The post Podcast: CISO Speak – Vulnerability Management in the Cloud appeared first on CCSI ...
SSD Encryption from Crucial and Samsung is not secure Exposes Data

Tags: ssd, vulnerability
The researchers examined multiple SSDs, including Crucial and Samsung, some of which they found could be unlocked with any password if the password validation routine in RAM was modified through a standard ...

Cisco WebEx Meetings Server XML External Entity (CVE-2018-18895)

Tags: cisco, vulnerability, webex
Cisco Webex Meetings Server includes a version of Castor XML that is affected by XXE. As a result, Cisco WebEx Meetings Server versions prior to 2.8MR3 and 3.0MR2 patch 1 are affected ...

U-Boot verified boot bypass vulnerabilities (CVE-2018-18439, CVE-2018-18440)

Multiple techniques have been identified that allow execution of arbitrary code within a running U-Boot instance by means of externally provided unauthenticated data. [...] ...

New PortSmash Side-Channel Vulnerability (CVE-2018-5407)

A new vulnerability called PortSmash (CVE-2018-5407) has been discovered impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture. SMT is a technology that allows multiple computing threads to be executed ...

Armis Discovers “BLEEDINGBIT,” Two Critical Chip-Level Vulnerabilities

Armis, the enterprise IoT security company, today announced the discovery of two critical vulnerabilities related to the use of Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI), and used in ...
Dark Side Quantum Computing

Flaws in BLE Chips Expose Millions of Enterprise Wi-Fi APs to Hacking

Security researchers have found two serious vulnerabilities in Bluetooth Low Energy (BLE) chips from Texas Instruments (TI) that are used in millions of Wi-Fi access points, but also in devices from various ...
Security Boulevard
Directory traversal (dubbed ZipSlip) vulnerability discovered in DeepLearning4j (ArchiveUtils)…

Recently, we’ve identified a number of our customers who are susceptible to a Directory traversal vulnerability. The exploit chain (circumstances to exploit the ...
Vulnerable Magento Extensions Exploited to Plant Skimmers

Threat actors have once again targeted the Magento platform. The purpose of the campaign is planting payment card skimmers on online stores. According to security researcher Willem de Groot, at least 20 ...