A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks.
Original release date: February 12, 2019 The Cybersecurity and Infrastructure Security Agency (CISA) has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provide a background on the identified cyber activity and mitigation techniques. Click here to register. This product is provided subject to this Notification and this Privacy & Use policy.
Overall, Adobe patched 75 important and critical vulnerabilities – including a flaw that could allow bad actors to steal victims’ hashed password values.
Original release date: February 11, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »
Original release date: February 11, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several open-source container management systems that leverage runc. NCCIC encourages users and administrators to review the runc security advisory, and the RedHat and Amazon Web Services blogs; and refer to OS and application vendors for mitigations and updates as they become available. This product is provided subject to this Notification and …
Read More »
The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims’ NTLM hashes.
A vulnerability in FireOS, the Amazon Fire Tablet’s operating system, has been patched.
Apple’s iOS 12.1.4 fixes a FaceTime bug that made headlines last week.
Up to eight airlines do not encrypt e-ticketing booking systems – leaving personal customer data open for the taking.
A researcher who discovered a flaw letting him steal passwords in MacOS is not sharing his findings with Apple without a macOS bug bounty program.