Minimum Version of TLS 1.2 Required for FIPS Endpoints by March 31, 2021
Initial Publication Date: 2020/03/31 11:15AM PDT
AWS is updating all AWS Federal Information Processing Standard (FIPS) endpoints to a minimum Transport Layer Security (TLS) version of 1.2 across all AWS Regions by March 31, 2021. This update will...
Kubernetes Security Issue (CVE-2019-11249)
Last Updated: August 15, 2019 9:00AM PDT
CVE Identifier: CVE-2019-11249
AWS is aware of a security issue (CVE-2019-11249) which resolves incomplete fixes for CVE-2019-1002101 and CVE-2019-11246. Like the aforementioned CVEs, the issue is in the Kubernetes kubectl tool that...
Kubernetes Security Issue (CVE-2019-11246)
July 02, 2019 2:00 PM PDT
CVE Identifier: CVE-2019-11246
AWS is aware of a security vulnerability (CVE-2019-11246) in the Kubernetes kubectl tool that could allow a malicious container to replace or create files on a user's workstation.
If a...
[v2] Linux Kernel TCP SACK Denial of Service Issues
Last Updated: June 17, 2019 14:15PM PDT
CVE Identifiers: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
This is an update for this issue.
Updated Linux kernels for Amazon Linux are available in the Amazon Linux repositories, and updated Amazon Linux AMIs are available for...
[v3] Linux Kernel TCP SACK Denial of Service Issues
Last Updated: June 17, 2019 17:00PM PDT
CVE Identifiers: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
This is an update for this issue.
AWS Elastic Beanstalk
Updated AWS Elastic Beanstalk Linux-based platform versions are available. Customers using Managed Platform Updates will be automatically updated...
[v1] Linux Kernel TCP SACK Denial of Service Issues
You are viewing a previous version of this security bulletin. For the most current version please visit: "Linux Kernel TCP SACK Denial of Service Issues".
June 17, 2019 10:00AM PDT
CVE Identifiers: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
AWS is aware of three...
Linux Kernel TCP SACK Denial of Service Issues
June 17, 2019 10:00AM PDT
CVE Identifiers: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
AWS is aware of three recently-disclosed issues which affect the TCP processing subsystem of the Linux kernel. Specifically, a malicious TCP client or server can transmit a specially crafted series...
Spear Phishing Campaign Hits Developer Collaboration System Users
Users of Zeplin, a popular developer and designer collaboration system, have been hit with new waves of spearphishing attacks in the last month.
British Army pulls up its SOC: New regiment to do infosec work even civvies will recognise
That's Systems Operating Centre to you. Chuffed with that, says Royal Signals brigadier The British Army has raised a new regiment that will take charge of its in-house security operations centre, a move calculated to make cyber defence a...
FTC Slams Children’s App Developer for COPPA Violations
Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.
Business Services Provider Conduent Hit by Ransomware
Business process services provider Conduent has been the victim of a ransomware attack that appears to be the work of Maze operators.
Formed in 2017 as a divestiture from Xerox and headquartered in New Jersey, the company offers digital platforms...
Cisco security advisories address 47 flaws, three critical
Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software.
Among the most series flaws is a...
