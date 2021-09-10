Security Leftovers
-
Apache Ranger response to incorrect analyst report on Cloud data security
A recent industry analyst report by GigaOm and sponsored by Immuta comparing Apache Ranger to Immuta paints an incorrect picture on the complexities of using Apache Ranger. We believe the report contains a number of errors and inconsistencies. Unfortunately the Apache Ranger Project Management Committee (PMC) was not contacted by the analyst firm during preparation of the report.
We have attempted to contact the authors and members of the research team several times, requesting the opportunity to review the inaccuracies and have them corrected. Despite our many attempts to rectify the misinformation, no-one from the analyst firm responded.
For the benefit of existing and potential users of Apache Ranger, it is important for Apache Ranger PMC to respond to this report with facts.
-
VMware Releases Security Updates
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
-
NETGEAR Releases Security Updates for RCE Vulnerability
NETGEAR has released security updates to address a remote code execution vulnerability—CVE-2021-40847—in multiple NETGEAR routers. A remote attacker could exploit this vulnerability to take control of an affected system.
-
'Shadow Code' Creates Risk for 99% of Websites
Shadow code — third-party scripts and libraries often added to web applications without security validation — pose risks to websites and jeopardize compliance with privacy regulations, according to new research released Tuesday.
Third-party code leaves organizations vulnerable to digital skimming and Magecart attacks, the researchers also noted.
-
Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants
The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime.
Suex is registered in the Czech Republic but operates out of offices in Russia. According to the US Treasury, more than 40 per cent of the firm's known transaction history involves illicit entities, and that it handled payments from at least eight ransomware variants.
-
Lumen Technologies’ Black Lotus Labs Proves Linux Executable Files Can Be Used as Stealth Windows Loaders [Ed: This is a Windows issue, not a "Linux" issue]
-
World-Class Cyber Protection Available for Rocky Linux Users
-
- Login or register to post comments
- Printer-friendly version
- 149 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Cycles X Merged Into Blender 3.0 With NVIDIA CUDA/OptiX Support, AMD HIP Pending
Cycles X as a modernizing of Blender's Cycles rendering engine has now landed in the latest development code for Blender 3.0. Cycles X brings big performance improvements but does eliminate OpenCL support in the process. Cycles X was one of the reasons for the delay in the Blender 3.0 release to allow time for this Cycles overhaul to land. As of yesterday, the Cycles-X branch was merged into the Blender 3.0 code-base as a major renderer update.
Oracle's Next-Generation GNU Profiler "gprofng" Is Looking Great For Developers
Oracle engineers have been working on "gprofng" as a next-generation GNU Profiler that can analyze production binaries. Oracle talked up Gprofng today during the GNU Tools Track as part of Linux Plumbers Conference 2021. Gprofng stems from Oracle Developer Studio's Performance Analyzer and this new tool currently supports profiling C, C++, Java, and Scala code. Unlike the original gprof, gprofng is able to profile production binaries that do not need to be built with any special options or still have the source code available. Unmodified executable can be easily analyzed and a wealth of information provided.
Software: Host Identity Based Authorization, Baby Buddy, and Foreman
Events: LibOCon, POSI, and Kiwi TCMS at WebSummit 2021
Recent comments
7 min 53 sec ago
9 min 17 sec ago
13 min 10 sec ago
19 min 43 sec ago
1 hour 48 min ago
1 hour 53 min ago
1 hour 55 min ago
2 hours 3 min ago
2 hours 24 min ago
2 hours 35 min ago