Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jan 24, 2024

TecMint ☛ 8 Useful GNU/Linux Security Features and Tools for Beginners

The primary use of computers in any form, whether it’s a mobile phone, personal computer, a workstation [...]

Report Surfaces High Level of Kubernetes Insecurity in the Cloud

Kubernetes clusters made available by the three major cloud service providers are vulnerable to a wide range of potential cyberattacks.

NVISO Labs ☛ Is the Surveillance Giant Google search bar enough to hack Belgian companies?

In this blog post, we will go over a technique called Surveillance Giant Google Dorking and demonstrate how it can be utilized to uncover severe security vulnerabilities in web applications hosted right here in Belgium, where NVISO was founded.

SANS ☛ Apple Updates Everything - New 0 Day in WebKit, (Mon, Jan 22nd)

Today, Fashion Company Apple released significant "point releases" for all its operating systems. With new features, we also got patches for 29 different vulnerabilities.

SANS ☛ Scans/Exploit Attempts for Atlassian Confluence RCE Vulnerability CVE-2023-22527, (Mon, Jan 22nd)

Included with the bulletin was a patch for CVE-2023-22527, a remote code execution vulnerability in Confluence Data Center and Confluence Server. Atlassian assigned a CVSS score of 10.0 to the vulnerability.

Security Week ☛ [Crackers] Exploited VMware vCenter Server Vulnerability Since 2021

CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half.