Archive

Archive for November, 2019

OMG, I use that site!

November 20, 2019 Leave a comment

In what is clearly becoming so sad it is now funny, another popular online store was hijacked. Macy’s fell victim to a third party inclusion vulnerability and like so may big retailers before them, some of you may be victim to the scorge of the Magecart gang.

Not even the FBI can help these retailers (or more likely they don’t listen or don’t care) as more and more of them unwittingly become infected.

CyberSecurity is now becoming the most important thing to worry about as a service provider AND as an online shopper. Be careful where you tread…

More details are available from Bleeping Computer.

Categories: General Tags: ,

Snyk Found Over Four Times More Vulnerabilities in RHEL, Debian, and Ubuntu – DZone Security

November 17, 2019 Leave a comment

Impressive list of vulnerabilities this year and even the purchase of Redhat by IBM isn’t making the paid OS immune. Check out the docker images that are floating around and be careful when trusting someone else’s container build.

https://dzone.com/articles/snyk-found-over-four-times-more-vulnerabilities-la?fromrel=true

Categories: General

What’s in a container image: Meeting the legal challenges | Opensource.com

November 8, 2019 Leave a comment

Do you remember when you bought a license and installed your copy of windows X on a VM and didn’t think twice about it. You loaded your software and maybe setup a reoccurring backup for it and you were done right?

Nowadays, there are risks at even using that Windows license on a cloud provider other than Azure (but that is another story)

Today, running containers is the new thing and that software is open source right? Not always!

You could have more than just Vulnerability risk to worry about. Some container images can also have License risk and you could have legal troubles too!

https://opensource.com/article/18/7/whats-container-image-meeting-legal-challenges

Categories: General