vulnerabilities Archives

A conceptual image representing Kubernetes security, including the GKE Autopilot vulnerabilities discussed here, which, before fixed, could have allowed for container escape leading to a shadow administrator.

33,424

people reacted

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

By Yuval Avrahami
March 8, 2022 at 6:00 AM

14 min. read

A conceptual image representing container security issues, such as CVE-2022-0492, the Linux vulnerability discussed here.

65,819

people reacted

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

By Yuval Avrahami
March 3, 2022 at 10:00 AM

9 min. read

54,742

people reacted

Threat Brief: Ongoing Russia and Ukraine Cyber Conflict

By Robert Falcone, Mike Harbison and Josh Grunzweig
January 20, 2022 at 12:30 PM

8 min. read

A conceptual image representing a vulnerability, such as the Apache log4j remote code execution vulnerability discussed here, CVE-2021-44228.

271,630

people reacted

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone
December 10, 2021 at 1:00 PM

433

15 min. read

A conceptual image representing trends, such as those covered in our post on network security trends from May-July 2021.

39,532

people reacted

Network Security Trends: May-July 2021

By Yue Guan and Lei Xu
September 17, 2021 at 3:00 PM

9 min. read

A conceptual image associated with the threat brief series, such as this post covering recent OMI vulnerabilities and how to remediate.

37,512

people reacted

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

By Nathaniel Quist
September 16, 2021 at 12:00 PM

2 min. read

A conceptual image illustrating vulnerabilities related to containers and Kubernetes, such as Azurescape, the cross-account container takeover in Azure Container Instances discussed here.

81,992

people reacted

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

By Yuval Avrahami
September 9, 2021 at 3:00 AM

14 min. read

A conceptual image representing vulnerabilities, such as CVE-2021-26084, discussed here.

35,038

people reacted

Threat Brief: CVE-2021-26084

By Unit 42
September 3, 2021 at 12:20 PM

2 min. read

A conceptual image representing a vulnerability, such as CVE-2021-32305, discussed in this post.

32,805

people reacted

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

By Brock Mammen and Haozhe Zhang
August 30, 2021 at 6:00 AM

5 min. read

A conceptual image representing the network-attached devices common in the small office and home office that are being targeted by the eCh0raix ransomware variant.

47,548

people reacted

New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices

By Ruchna Nigam, Haozhe Zhang and Zhibin Zhang
August 10, 2021 at 3:00 AM

12 min. read

A conceptual image representing an adversary. The new attack surface discussed here is an example of what can be possible for an adversary able to perform remote attacks.

31,830

people reacted

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021

By Tao Yan, Qi Deng, Bo Qu and Zhibin Zhang
July 30, 2021 at 3:00 PM

7 min. read

Learn From a Wiped Computer with Digital Forensics

29,445

people reacted

What Can You Learn From a “Wiped” Computer With Digital Forensics?

By Michael Savitz
May 27, 2021 at 12:00 AM

4 min. read

32,142

people reacted

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Qi Deng
April 15, 2021 at 11:44 AM

6 min. read

A conceptual image representing container security, such as that affected by CVE-2021-20291, discussed in this post

30,119

people reacted

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

By Aviv Sasson
April 14, 2021 at 6:00 AM

4 min. read

27,966

people reacted

Network Attack Trends: Internet of Threats (November 2020-January 2021)

By Lei Xu, Yue Guan and Vaibhav Singhal
April 12, 2021 at 10:37 AM

8 min. read

Posts tagged with: vulnerabilities

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

Threat Brief: Ongoing Russia and Ukraine Cyber Conflict

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

Network Security Trends: May-July 2021

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

Threat Brief: CVE-2021-26084

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021

What Can You Learn From a “Wiped” Computer With Digital Forensics?

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

Network Attack Trends: Internet of Threats (November 2020-January 2021)

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account