EGI CSIRT meeting in Ljubljana

Another very busy EGI CSIRT meeting in beautiful Ljubljana, thanks a lot to JSI for having us! Besides the great hospitality the CSIRT enjoyed discussions on lessons learned from the latest incidents, how to improve our view on things in the EGI infrastructure, as...

read more

Docker symlink-race attack CVE-2018-15664

Docker has been found vulnerable to a symlink-race attack in the API behind "docker cp". Some information on this has been published publicly already. Attackers can gain read-write access to the host filesystem with root privileges. A patch is not available yet, one...

read more

EGI CSIRT at the HEP System Managers meeting

The HEP System Managers meeting is a traditional event to gather administrators responsible for high-energy IT resources in UK to share experience and discuss current topics. The last HEP SYSMAN meeting took place at the Rutherford Appleton Laboratory on the Harwell...

read more

Microarchitectural Data Sampling (MDS) vulnerabilities

After several hardware-level security vulnerabilities Meltdown, Spectre, Speculative Store Buffet Bypass and Foreshadow, Intel has released information about a new group of security vulnerabilities, called MDS aka "RIDL" aka "Fallout" aka "Zombieland" affecting most...

read more

EGI-CSIRT presentations at the EGI Conference

Last week EGI Conference took place in Amsterdam. EGI-CSIRT had two interesting talks on cloud security and federated security. Both presentations are available online: Information Security 3: Who you gonna call by David Groep Security in a cloud environment by David...

read more
Trusted Introducer