
Latest News

Announcing the BlueHat 2024 Sessions

34 sessions from 54 presenters representing 20 organizations! We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond, WA from Oct 29-30. This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”. Security researchers and responders from inside and outside of Microsoft will gather on the Microsoft campus in Redmond, WA to share, debate, and challenge each other, with the shared goal of creating a safer and more secure world for all.

msrc-blog

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could

Russia-Linked Hackers Attack Japan's Govt, Ports

Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.

Secure design principles in the age of artificial intelligence

At Red Hat, we are committed to delivering trustworthy and robust products through a comprehensive security approach that encompasses many Secure Development Lifecycle (SDLC) activities. Our approach is grounded in the foundational principles of secure system design, which were first articulated 50 years ago in 1974 by Jerome Saltzer and Michael Schroeder in their seminal work: The Protection of Information in Computer Systems. These principles, along with more recent advancements, such as those outlined in the CISA Secure by Design and SafeCode Fundamental Prac

Confidential Containers with IBM Secure Execution for Linux

Red Hat OpenShift sandboxed containers, built on Kata Containers, now provide the additional capability to run Confidential Containers (CoCo). Confidential Containers are containers deployed within an isolated hardware enclave protecting data and code from privileged users such as cloud or cluster administrators. The CNCF Confidential Containers project is the foundation for the OpenShift CoCo solution. You can read more about the CNCF CoCo project in this article. As part of OpenShift sandboxed containers release version 1.7.0 the support for Confidential Containers on IBM Z and LinuxONE using

ABB Cylon Aspect 3.08.01 (persistenceManagerAjax.php) Remote Code Execution

The ABB BMS/BAS controller suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'directory' HTTP POST parameter called by the persistenceManagerAjax.php script.

Unmanaged Cloud Credentials Pose Risk to Half of Orgs

These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.

Cisco Disables DevHub Access After Security Breach

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

Internet Archive Gets Pummeled in Round 2 Breach

This latest breach was through Zendesk, a customer service platform that the organization uses.

Internet Archive (Archive.org) Hacked for Second Time in a Month

The Internet Archive (Archive.org) suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk…