APT/APT-GET RCE Vulnerability (CVE-2019-3462) Handling Guide
janeiro 30, 2019
1 Vulnerability Overview
Recently, a security researcher discovered a critical vulnerability in the Advanced Packaging Tool (APT) of Linux. This vulnerability stems from the APT’s failure to properly handle redirects, which can be triggered via a man-in-the-middle attack or a malicious package mirror, resulting in remote code execution. (mais…)
Technical Report on Container Security (IV)-5
janeiro 30, 2019
Container Security Protection – Container Network Security
Container Network Security (mais…)
Chrome 72 arrives with code injection blocking and new developer features
janeiro 29, 2019
VentureBeat – Google today launched Chrome 72 for Windows, Mac, and Linux. The release includes code injection blocking and new developer features. You can update to the latest version now using Chrome’s built-in updater or download it directly from google.com/chrome. With over 1 billion users, Chrome is both a browser and a major platform that […]
Linux apt/apt-get Remote Code Execution (RCE) Vulnerability (CVE-2019-3462) Threat Alert
janeiro 28, 2019
Overview
On January 22, 2019, local time, security researcher Max Justicz announced his discovery of a remote code execution (RCE) vulnerability in Linux apt/apt-get. This vulnerability stems from the APT’s failure to properly handle certain parameters involved in HTTP redirects. It can be triggered via a man-in-the-middle attack or a malicious package mirror, resulting in remote code execution. (mais…)
Genius? Lunatic? Maybe Both (II)
janeiro 28, 2019
The ubiquity of the Internet is attracting more and more youths to the computer industry, especially the hacker community that holds a supreme position in the realm of cyber security. Every person eager to be part of the IT industry seems to be able to get something from it, ranging from appearing cool to making quick money. Today, you will be told more stories about some other legendary hackers. (mais…)
Telecom Exchange LA 2019
janeiro 28, 2019
Telecom Exchange LA 2019 November 12-13, 2019 Kimpton Hotel Palomar Los Angeles Beverly Hills
Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience
janeiro 27, 2019
Help Net Security – Researchers analyze DDoS attacks as coordinated gang activities In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang.
Cloud Expo Asia Hong Kong
janeiro 27, 2019
Cloud Expo Asia Hong Kong May 22-23, 2019 HKCEC, Hong Kong
