TRANSITS-I courses in Amsterdam
TRANSITS-I courses will be organised in Amsterdam, from 24th to 25th of September 2019. They are intended for new CSIRT personnel and also for system administrators delivering services within EGI, EUDAT and EOSC who wish to gain a better understanding in the aspects...
EGI CSIRT Security Service Challenge SSC-19.03 final report
EGI CSIRT presented the EGI Security Service Challenge SSC-19.03, final report at the GDB meeting in CERN on 10th of July 2019. The Security Challenge ran in March and showed that the overall security of the EGI infrastructure is good, but the Incident Response...
EGI CSIRT runs 2nd at the FIRST security conference CTF competition
Over 1000 delegates attended this year's 31st Annual Conference at the Edinburgh International Conference Centre in Edinburgh, from June 16 to 21, 2019. Themes explored throughout the week included the security implications of the IoT, exploring how to anticipate...
What is a software vulnerability and what to do if you find one?
A software vulnerability is a weakness in software which could allow actions to be carried out which are not intended. This may be the usage of resources, access to data, destruction or encryption of data (e.g. ransomware). A software vulnerability in software...
EGI CSIRT meeting in Ljubljana
Another very busy EGI CSIRT meeting in beautiful Ljubljana, thanks a lot to JSI for having us! Besides the great hospitality the CSIRT enjoyed discussions on lessons learned from the latest incidents, how to improve our view on things in the EGI infrastructure, as...
Docker symlink-race attack CVE-2018-15664
Docker has been found vulnerable to a symlink-race attack in the API behind "docker cp". Some information on this has been published publicly already. Attackers can gain read-write access to the host filesystem with root privileges. A patch is not available yet, one...
