by EGI CSIRT | Jan 13, 2025 | News
If you are interested in what kept us busy in 2024 and what we are planning for 2025, please join us for the next EGI webinar entitled “EGI IRTF 2024 in Review: Incidents, Learnings and Plans for 2025” which will take place on Wednesday 22 January 2025,...
by EGI CSIRT | Dec 23, 2024 | Knowledgebase, News, Recommendations
Securing access to your servers is critical because it is the first line of defence against unauthorised access and potential breaches. Most security incidents are caused by inadequate access controls, such as weak or default passwords, stolen credentials, and lack of...
by EGI CSIRT | Dec 19, 2024 | Knowledgebase, News, Recommendations
Based on EGI Security Traceability and Logging Policy all certified EGI sites need to have a remote logging service in place. By storing logs remotely, you protect them from being tampered with or deleted by attackers who gain access to your systems. This ensures the...
by EGI CSIRT | Oct 28, 2024 | News
Slurm version 24.05.4 was released, including a fix for a recently discovered security issue with the new stepmgr subsystem. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users’ jobs. This is limited to...
by EGI CSIRT | Oct 15, 2024 | News
In early October 2024, EGI-CSIRT met in Abingdon for a F2F meeting. In addition to the usual operational tasks, the meeting focused on international collaboration, future training, and improving the security of the EGI network of computing centres. To achieve this, we...
by EGI CSIRT | Oct 14, 2024 | Advisories, News
A critical risk vulnerability has been found in the omniauth_saml plugin (via the ruby-saml library), which is used by e.g. GitLab, allowing potential Authentication bypass. Update your GitLab instances urgently. Details are available in the SVG Advisory.
Recent Comments