BEIJING. – Sep 14, 2021 The 2nd APEC Cross-Border E-Commerce Training (APEC CBET II) is held at 9:00am-11:30am (GMT+8) on September 8, 15 & 22, 2021 by the Department of International Trade and Economic Affairs of the Ministry of Commerce of China, supported by DHgate. This event is facilitated specifically...
Author: Jie Ji
Top Four Risks When Using Serverless Function in Cloud Native Applications
Serverless is a new computing mode of the cloud native architecture, mainly taking the form of function as a service (FaaS). For the serverless mode, developers will write a function and define when and how to invoke it and then the function will run in the server provided by the...
API Security in Cloud Native Applications
Cloud native applications, based on the microservice architecture, interact with each other by sending requests or response through APIs. Arguably, API communications play an essential role in interactions of cloud native applications. Therefore, API security is an indispensable part of cloud native application security. API-related security issues shown below have...
INFRAHALT: NicheStack TCP/IP Stack High-Risk Vulnerabilities Threat Alert
Overview Recently, researchers from JFrog and Forescout released a joint report to publicly disclose 14 security vulnerabilities (collectively referred to as INFRA:HALT) in the NicheStack TCP/IP stack, announcing that these vulnerabilities could lead to remote code execution, denial of service, information disclosure, TCP spoofing, or DNS cache poisoning. Researchers noted...
Zero-Trust Cloud Native Network Security Enabled by Micro-segmentation
Traditional networks or virtual networks have employed network segregation technologies like VLAN or VPC which are, however, more often used for segregation of deterministic networks or tenant networks. In cloud native environments, containers or microservices have a shorter lifecycle and change more frequently compared with traditional networks or tenant networks....
Exim Remote Code Execution Vulnerability (CVE-2020-28020) Threat Alert
Overview In May, Qualys publicly disclosed 21 security vulnerabilities in the Exim server, announcing that these vulnerabilities affected all Exim versions released after 2004 and most of them can be exploited in default configurations. Recently, NSFOCUS found that certain vulnerability details and PoCs were publicly available. Among the vulnerabilities, the...
