Security Leftovers
-
SUSE's Corporate Blog ☛ Security Controls for the OWASP Kubernetes Top 10
Using NeuVector to Reduce Risk in Kubernetes Kubernetes has become the de-facto standard for container orchestration platforms and is widely used in business-critical infrastructure in enterprises of all sizes. With this popularity comes an increase in focus for hackers to exploit vulnerabilities and misconfigurations in Kubernetes clusters.
-
Diffoscope ☛ Reproducible Builds (diffoscope): diffoscope 254 released
The diffoscope maintainers are pleased to announce the release of diffoscope version
254. This version includes the following changes:* Reflow some code according to black.
[ Seth Michael Larson ]
* Add support for comparing the 'eXtensible ARchive' (.XAR/.PKG) file format.
* Add external tool on GNU Guix for 7z.
-
Security Week ☛ Critical Vulnerabilities Found in Open Source AI/ML Platforms
Security researchers flag multiple severe vulnerabilities in open source AI/ML solutions MLflow, ClearML, Hugging Face.
-
Scoop News Group ☛ Russian foreign intelligence hackers gain access to top Abusive Monopolist Microsoft officials, company says [Ed: This is Microsoft's fault, not Russia's]
Microsoft said the SVR attack "was not the result of a vulnerability" in its products or services.
-
Security Week ☛ Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs [Ed: Misleading framing. Microsoft trying to blame Russia for its own failings.]
A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives.
-
Security Week ☛ US Charges Russian Involved in 2013 Hacking of Neiman Marcus, Michaels
US charges Russian cybercriminals, including man allegedly involved in hacking of Neiman Marcus and Michaels Stores in 2013.