RSS Aggregator

Another AI video generator that will make your jaw drop. Check out the first samples of Gen-3 Alpha from RunwayML

Živě.cz - 20 June, 2024 - 17:45
A few months ago OpenAI Sora drew attention with impressive AI-generated video samples. A handful of creators have tried it, but so far it remains a very closed project that not even paying ChatGPT users can access. Last week we wrote about the Dream Machine service from Luma AI, which can ...
Category: IT News

Vivaldi 6.8 with Vivaldi Mail 2.0

AbcLinuxu [news briefs] - 20 June, 2024 - 16:55
A new stable version 6.8 of the Vivaldi web browser (Wikipedia) has been released. It is built on Chromium 126. An overview of what's new, with screenshots, is in the blog post and on YouTube. Improvements to the integrated mail client are highlighted.
Category: GNU/Linux & BSD

We played demos of future hits and flops. Tactical wizards, extraction horror and other new releases

Živě.cz - 20 June, 2024 - 16:45
Once again, during Next Fest on Steam, we played several demos of anticipated or promising-looking titles. Among them were, for example, a horror action game, a turn-based tactical game, and even a souls-like hack-and-slash from sunny Italy. Which games did we like? And which ones fell rather flat with us?
Category: IT News

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

The Hacker News - 20 June, 2024 - 16:22
Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform
Category: Hacking & Security

French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks

The Hacker News - 20 June, 2024 - 16:00
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,
Category: Hacking & Security

The Future of Container Security: Trends and Open Source Tools to Watch

LinuxSecurity.com - 20 June, 2024 - 15:43
Containers are among the many recent inventions of modern computing. They have emerged as the cornerstone of software development and deployment. They isolate applications and their dependencies into a closed environment, enabling efficient and consistent deployment across different infrastructures.

There are plenty of reasons behind the shift to containerization, the key being the widespread adoption of DevOps practices and cloud-native innovations. However, despite the unmatched convenience and efficiency, containers bring various security challenges that traditional security measures can't fully address.

As this new technology proliferates across production environments, securing containers should be a priority for all organizations. Unlike traditional devices, containers share the host's OS kernel, which is beneficial but exposes it to potential vulnerabilities. This means businesses should re-evaluate their security strategies throughout the container's lifecycle.

Similarly, the future of container security depends on several emerging innovations. The increasing shift towards Zero Trust models is especially relevant to containerized environments. This model assumes no inherent trust within the network and enforces stringent authentication measures for access.

The shift-left security option, which integrates security practices early in the development lifecycle, is also beneficial. This strategy helps developers detect and mitigate vulnerabilities before production, significantly reducing attack surfaces. Various open-source tools, including Trivy, lead the pack in ensuring these developments. Below is a detailed guide on container security and its future. Read on!

The Current State of Container Security

With the rise of the adoption of containers, there's a need to understand the current state of container security. While containers offer significant benefits, they introduce significant security challenges. It is prudent for organizations and businesses to know some of the existing threats and common attack vectors before adopting them. They include:

- Vulnerable code: This is the most important security risk of containerized applications. As mentioned, containers package applications alongside their dependencies. This often includes insecure or outdated libraries that attackers can exploit.
- Compromised images: Containers rely on images containing apps and their dependencies. Unfortunately, some may have insecure components that expose the entire network to security risks. A compromised container image serves as a perfect entry point for attackers.
- Insecure networking: Containers communicate through internal networks. Poorly secured networks become excellent vectors for attacks. Lack of encryption and insufficient segmentation often lead to data breaches.
- Container escape: This severe threat occurs when attackers break out of container isolation and access the host system, compromising the host and other containers running on it.

While these risks are dire, container environments have various built-in security measures that mitigate these vulnerabilities. These features are built on Docker and Kubernetes but have some limitations. For instance, Docker uses namespaces to isolate containers from host systems. This significantly prevents unauthorized access and denial-of-service attacks and reduces the attack surface. However, Docker's default features are slightly insufficient. Simple issues like using untrusted images can bypass its security setup.

Kubernetes also provides perfect built-in security features for container environments. It enhances container security by implementing RBAC, which controls access and empowers network segmentation. Unfortunately, configuring Kubernetes securely often proves challenging. Wrong settings expose containers to vulnerabilities.

However, this doesn't mean containers are entirely insecure. Organizations can leverage various open-source container security tools to address the issues that exceed the capability of built-in security measures. These tools include:

- Trivy and Clair for image vulnerability scanning.
- Kube-bench and Kubescape for configuration and compliance issues.
- Falco and Sysdig for enhanced runtime security.
- Cilium and Calico for network security issues.
- Open Policy Agent and Kyverno for policy enforcement issues.
- Dex and Keycloak for identity verification and access management.
- Sealed Secrets and HashiCorp Vault for secrets management. They enhance the security of stored sensitive information.
- Grafana Loki and Prometheus for better incident response.

Collectively, these tools provide targeted solutions that enhance container security in different aspects of the container lifecycle.

Emerging Trends in Container Security

With the expanding use of containerization, the security realm surrounding these environments keeps evolving in response to emerging threats. Below is a breakdown of top trends shaping the future of container security:

Exploitation patterns and attacks targeting containerized environments

Attackers now use sophisticated techniques to exploit vulnerabilities present in these systems. Some of the recent trends in exploitation patterns include:

- Supply chain attacks: Malicious persons compromise container images and dependencies, ultimately affecting the supply chain. They can inject malware into private or public repositories.
- Lateral movement: Attackers attempt to move laterally to access other containers after successfully accessing a container.
- Resource hijacking: Malicious individuals hijack resources for malicious activities. Containers with misconfigured resources are often very vulnerable.

Integrating security into the CI/CD pipeline

This practice is a perfect response to the dynamic nature of container deployments. Also called shift-left security, it focuses on identifying and mitigating vulnerabilities earlier in the container development lifecycle. Various tools, including automated vulnerability scanning and security testing, are integrated into CI/CD workflows before containers reach final production. Automated checks are also conducted to ensure containers have the necessary security structure before deployment.

The use of software bills of materials

Containers heavily rely on third-party components and dependencies. Using an SBOM has become crucial for tracking and managing all components. It provides a detailed inventory of all components in the container image, including frameworks, libraries, and dependencies. Doing this is beneficial in many ways.

For starters, it helps in vulnerability management. Organizations can easily identify and address threats in third-party components. SBOMs also provide vital information during incident response. Knowing the components makes it easy to identify the origin of the compromise.

Adoption of policy as code practices

Policy as Code is a practice of defining security policies enforceable through code. This approach aligns perfectly with shift-left practices, embedding security policies directly into the container development lifecycle. Adoption of these practices helps organizations achieve consistency and automation. Administrators define and automate policies, significantly reducing the risk of misconfiguration and human error. These policies also enhance collaboration between development and security teams.

Adoption of AI and ML

Artificial intelligence and machine learning have transformed container security in the following ways:

- Threat prediction: ML models analyze patterns and historical data to predict potential threats. This proactive approach helps anticipate and mitigate vulnerabilities before they materialize.
- Behavior analysis: AI-powered tools analyze container patterns to identify anomalies that indicate security threats, such as unusual resource usage or unexpected connections.
- Automated responses: Automated tools provide faster and more accurate responses to arising incidents. Integrating AI with incident response workflows allows organizations to streamline threat mitigation and minimize the impact of breaches.

Adoption of service mesh architectures

Organizations have increasingly adopted service mesh architectures to secure communication between containerized environments. This practice enhances traffic control and policy enforcement. Service meshes like Istio provide more control over network traffic, enhancing confidentiality and data integrity.

Service meshes also allow organizations to monitor traffic patterns and detect anomalies. Such visibility is crucial for identifying and responding to threats in real time. However, meshes introduce some complexities. Organizations should carefully balance these security advantages with resource demands.

Spotlight on Open Source Security Tools

Securing these environments becomes important as containerization becomes the cornerstone of modern app deployment. Open-source tools can help organizations address various challenges. Some of the top open-source tools to consider include:

Trivy

Trivy is an open-source tool from Aqua Security that offers excellent vulnerability scanning for container images and file systems. This tool stands out for its comprehensive vulnerability scanning ability, which makes it a must-have tool in business container security toolsets. Key features of Trivy include:

- Wide vulnerability coverage: The tool scans for various vulnerabilities in container images. It also supports various languages and package managers, broadly covering potential threats.
- Ease of use: The command-line interface is straightforward and requires minimal setup.
- Community and support: As an open-source project, Trivy benefits from contributions from a vibrant community of developers. This collaborative environment ensures that it remains up-to-date.

Hadolint

Hadolint is another open-source tool, a linter that helps developers write secure Docker images. Hadolint evaluates Dockerfiles, ensuring they adhere to best practices like minimal image size, reduced number of layers, and more. These practices enhance the performance and security of container images.

Hadolint also provides security recommendations for improving Dockerfiles' security. For instance, it can advise against using the "latest" tag, which has potential security vulnerabilities. The tool allows users to define custom configurations and rules to suit their requirements. Organizations can also benefit from Clair, Grype, Syft, and Kube-Bench. These tools play a crucial role in improving the container security landscape.

Future of Open Source Container Security Tools

The container security landscape continues evolving, with applications becoming more complex and new threats emerging. Open-source tools like Trivy will also likely undergo significant advancements to meet emerging challenges. As containerized environments become sophisticated, Trivy will expand its detection abilities. Its threat detection abilities will include supply chain attacks and new exploitation techniques.

Trivy will also evolve to adapt to the needs of modern architectures, especially hybrid and multi-cloud environments. On the other hand, Hadolint will feature advanced linting rules and a deeper integration with the container ecosystem. Hadolint will feature sophisticated features that address emerging performance and security issues in Dockerfiles.

However, the fast-paced culture of this environment will necessitate a community-driven approach to open-source tool development. Open-source communities allow for rapid response to emerging threats, leveraging collective expertise and resources.

Similarly, integrating open-source security tools into comprehensive security platforms is very possible. Integration of these tools will focus on enhancing interoperability and automation. This will require standardization of APIs and data formats to allow smooth data exchange and communication between these tools.

Lastly, new tools will emerge tailored to address specific vulnerabilities associated with evolving container technologies. These tools will likely focus on specific areas, like serverless security. New tools will also help organizations navigate complex compliance requirements. For instance, they will automate compliance checks and provide detailed reports to ensure containerized apps adhere to legal provisions.

Challenges and Considerations for the Future

Maintaining robust security becomes challenging as containerization becomes more distributed and dynamic. The main issues are:

- Securing dynamic and distributed environments: This requires tools that adapt to diverse deployment environments, including on-premise data centers, edge devices, and multiple clouds.
- Balancing agility and usability: Focusing overly on agility leads to misconfiguration, while stringent security practices hinder usability. Finding the perfect balance is key.
- Legal and regulatory issues: Open-source tool development should adhere to a complex legal landscape. Compliance with data protection laws, software licensing and other legal issues becomes challenging.

Addressing these challenges requires collaboration and continuous innovation.

Keep Learning About Container Security

Container technologies offer great flexibility and scalability. However, they come with unique security challenges that necessitate innovative solutions. Fortunately, open-source tools play a crucial role in enhancing security. Their capabilities, ranging from vulnerability scanning to runtime monitoring, help secure container environments.

However, developers and professionals still need to contribute to enhancing the security of these projects. Participating in open-source communities helps shape the future of container security and ensures these tools meet the demands of modern applications.

- Learn about Container Security basics
- Secure Docker Containers with These Data Management Software Options
- Open Source Vulnerability Assessment Tools & Scanners
Category: Hacking & Security

The 25 best Czech post-revolution comedies. You can stream most of them online

Živě.cz - 20 June, 2024 - 14:45
Rankings of the most-attended films clearly show that audiences here love Czech comedies. Here you will find the best ones from the post-revolution era.
Category: IT News

Russia's cyber spies still threatening French national security, democracy

The Register - Anti-Virus - 20 June, 2024 - 14:27
Publishing right before a major election is apparently just a coincidence

A fresh report into the Nobelium offensive cyber crew published by France's computer emergency response team (CERT-FR) highlights the group's latest tricks as the country prepares for a major election and to host this year's Olympic and Paralympic Games.…

Category: Viruses and Worms

Linux is getting a blue screen of death

CD-R server - 20 June, 2024 - 14:00
No one escapes death, not even Linux starting with version 6.10, at least in the form of the notorious blue screen.
Category: IT News

Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024

The Hacker News - 20 June, 2024 - 12:49
Highlights
- Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration.
- Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including integration issues, limited visibility across systems, and the high cost and complexity of maintaining
Category: Hacking & Security

The EU lacks support for breaking end-to-end encryption. The Council has withdrawn the controversial Chat Control proposal from its agenda

Živě.cz - 20 June, 2024 - 12:34
Ivan Bartoš, Deputy Prime Minister for Digitalization and Minister for Regional Development, announced on the social network X that the proposal for monitoring online communication (so-called Chat Control) in the EU CSAM legislation was withdrawn from the EU Council's agenda by the Belgian presidency because it lacked sufficient support. The proposal ...
Category: IT News

Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals

The Register - Anti-Virus - 20 June, 2024 - 12:29
Cybercriminals claim they used a zero-day to breach pathology provider’s systems

Interview  The ransomware gang responsible for a healthcare crisis at London hospitals says it has no regrets about its cyberattack, which was entirely deliberate, it told The Register in an interview.…

Category: Viruses and Worms

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

The Hacker News - 20 June, 2024 - 12:22
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News
Category: Hacking & Security

Domain auctions – one month after launch

AbcLinuxu [news briefs] - 20 June, 2024 - 12:15
The post Domain auctions – one month after launch on the CZ.NIC blog summarizes the first month of operation of the .CZ domain auctions. A total of 18,174 domains went through the auctions, of which 742 received at least 1 bid. The most expensive auction was for the domain virtualnisidlo.cz at a price of 95,001 Kč, which, however, was not paid in time. The most expensive auction that was both won and paid for is praguecityline.cz, with a price tag of 55,600 Kč.
Category: GNU/Linux & BSD