Kubernetes Security Issue (CVE-2019-11246)
July 02, 2019 2:00 PM PDT
CVE Identifier: CVE-2019-11246
AWS is aware of a security vulnerability (CVE-2019-11246) in the Kubernetes kubectl tool that could allow a malicious container to replace or create files on a user's workstation.
If a...
Linux Kernel TCP SACK Denial of Service Issues
June 17, 2019 10:00AM PDT
CVE Identifiers: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
AWS is aware of three recently-disclosed issues which affect the TCP processing subsystem of the Linux kernel. Specifically, a malicious TCP client or server can transmit a specially crafted series...
Intel Quarterly Security Release (QSR) 2019.1
May 14, 2019 10:00 AM PDT
CVE Identifiers: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Xen Security Advisories: XSA-297
Intel has published a security advisory (INTEL-SA-00233) regarding new information disclosure methods "Microarchitectural Data Sampling" (MDS) related to their processors. In parallel, the Xen...
Kubernetes Security Issues (CVE-2019-1002101 and CVE-2019-9946)
March 28, 2019 10:00AM PDT
AWS is aware of two recently disclosed security issues in Kubernetes (CVE-2019-1002101 and CVE-2019-9946). With the exception of the AWS services listed below, no customer action is required to address these issues.
Amazon Elastic...
Container Security Issue (CVE-2019-5736)
February 11, 2019 7:00 AM PST
CVE Identifier: CVE-2019-5736
AWS is aware of the recently disclosed security issue which affects several open-source container management systems (CVE-2019-5736). With the exception of the AWS services listed below, no customer action is...
Kubernetes Security Issues (CVE-2018-18264 and kubectl proxy)
January 4, 2019 9:00 AM PST
AWS is aware of the two recent security issues disclosed within Kubernetes regarding the Kubernetes API server ("kubectl proxy"), and the Kubernetes Dashboard (CVE-2018-18264). Amazon Elastic Container Service for Kubernetes (EKS) is not...
Kubernetes Security Issue (CVE-2018-1002105)
2018/12/04 1:00 PM PST
AWS is aware of a recent security issue within Kubernetes, assigned CVE identifier CVE-2018-1002105. Amazon Elastic Container Service for Kubernetes (EKS) manages the Kubernetes control plane on behalf of customers. Any new clusters launched after...
L1 Terminal Fault Speculative Execution Issue
August 14, 2018 11:00 AM PDT
Intel has published a security advisory (INTEL-SA-00161) regarding a new side-channel analysis method concerning their processors called "L1 Terminal Fault" (L1TF). AWS has designed and implemented its infrastructure with protections against these types...
Linux Kernel SegmentSmack Issue
August 6, 2018 1:00 PM PDT
CVE Identifiers: CVE-2018-5390
AWS is aware of a recently-disclosed security issue, commonly referred to as SegmentSmack, which affects the TCP processing subsystem of several popular operating systems including Linux.
AWS services are operating...
Cisco Patches Critical Flaw in Vision Dynamic Signage Director
Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.
Tracked as CVE-2019-1917, the vulnerability was found in the REST...
The Great Hack: the film that goes behind the scenes of the Facebook data scandal
This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
Scotland Yard Twitter and Emails Hacked
London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.
read more
Browser Extensions Scraped Data From Millions of People
Slack passwords, NSO spyware, and more of the week's top security news.
Hackers breach FSB contractor, expose Tor deanonymization project and more
SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.
