5 things you must know about Log4Shell

This is the largest vulnerability we have seen in years. 1. **You may still be vulnerable even if your project is not based on Java.** Many tech stacks are vulnerable because so many tools use the L ...

Continue Reading
Tarian – Antivirus for Kubernetes

[![](https://blogger.googleusercontent.com/img/a/AVvXsEgPkGHbAoj3VNsTKg0Yfpq3F3RbQHZD1iLK_KScNyEdycLUJMUW98BSbverMoyYJku68OWIZ_qv1uR_spiHZU43wUYpgb7-o59h9AnRRhsbs6hjHueChJ_aHSqldRCu6n3JlhVE_RayQYZLqRz ...

Continue Reading
[SECURITY] Fedora 35 Update: golang-github-containerd-ttrpc-1.1.0-1.fc35

GRPC for low-memory environments. The existing grpc-go project requires a lot of memory overhead for importing packages and at runtime. While this is great for many services with low den sity require ...

Continue Reading
[SECURITY] Fedora 35 Update: grpcurl-1.8.6-2.fc35

Like cURL, but for gRPC: Command-line tool for interacting with gRPC server s.Read More ...

Continue Reading
[SECURITY] Fedora 35 Update: golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc35

GRPC to JSON proxy generator following the gRPC HTTP spec.Read More ...

Continue Reading
Improper Authentication in etcd

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd c ...

Continue Reading
New UAC-0056 activity: There’s a Go Elephant in the room

_This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi._ UAC-0056 also known as SaintBear, UNC2589 and TA471 is a [cyber espionage actor]() that has been active since early 2021 ...

Continue Reading
CVE-2022-24777

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachabl ...

Continue Reading

Back to Main

Subscribe for the latest news: