Docker symlink-race attack CVE-2018-15664

Docker has been found vulnerable to a symlink-race attack in the API behind "docker cp". Some information on this has been published publicly already. Attackers can gain read-write access to the host filesystem with root privileges. A patch is not available yet, one...

read more

EGI CSIRT at the HEP System Managers meeting

The HEP System Managers meeting is a traditional event to gather administrators responsible for high-energy IT resources in UK to share experience and discuss current topics. The last HEP SYSMAN meeting took place at the Rutherford Appleton Laboratory on the Harwell...

read more

Microarchitectural Data Sampling (MDS) vulnerabilities

After several hardware-level security vulnerabilities Meltdown, Spectre, Speculative Store Buffet Bypass and Foreshadow, Intel has released information about a new group of security vulnerabilities, called MDS aka "RIDL" aka "Fallout" aka "Zombieland" affecting most...

read more

EGI-CSIRT presentations at the EGI Conference

Last week EGI Conference took place in Amsterdam. EGI-CSIRT had two interesting talks on cloud security and federated security. Both presentations are available online: Information Security 3: Who you gonna call by David Groep Security in a cloud environment by David...

read more

Security Forensics Training at EGI Conference 2019

You are all welcome to join us at the Security Forensics Training at the EGI conference, which will take place in Amsterdam from 6th to 8th of May 2019. The Security Training will address aspects of the recent Service Security Challenge run against the EGI...

read more

Taipei security workshop presentations

In the end of March 2019, EGI CSIRT had a full-day security workshop at the International Symposium on Grids & Clouds 2019 (ISGC 2019) in Taipei, focusing on network monitoring, incident response and forensics. Security workshop materials are now available online:...

read more
Page 2 of 3123
Trusted Introducer