Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

Web Browser Stored Credentials

Microsoft introduced Data Protection Application Programming Interface (DPAPI) in Windows environments as a method to encrypt and decrypt sensitive data such as credentials using the… Continue reading → Web Browser Stored Credentials

Pentestlab
#web#windows#google#microsoft#linux#js#samba#auth#chrome
Authentication and Authorization in Red Hat OpenShift and Microservices Architectures

One of the key components of a container-based architecture is security.There are many facets to it (just have a look at the list of topics in the official OpenShift documentation here), but some of the most basic requirements are authentication and authorization. In this article, I explain how authentication and authorization work in Kubernetes and Red Hat OpenShift. I cover interactions between the different layers of a Kubernetes ecosystem, including the infrastructure layer, Kubernetes layer, and the containerized applications layer.What is authentication and authorization?In simple terms,

Ewon Cosy+ Excessive Access

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. The Ewon Cosy+ executes all tasks and services in the context of the user "root" and therefore with the highest system privileges. By compromising a single service, attackers automatically gain full system access.

Debian Security Advisory 5750-1

Debian Linux Security Advisory 5750-1 - Support for the "strict kex" SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.

Red Hat Security Advisory 2024-5547-03

Red Hat Security Advisory 2024-5547-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.1 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-5535-03

Red Hat Security Advisory 2024-5535-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a traversal vulnerability.

Red Hat Security Advisory 2024-5534-03

Red Hat Security Advisory 2024-5534-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.