Blog

GO vulnerability CVE-2021-31525 Security Advisory Security Advisory Description net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) ... More info: https://support.f5.com/csp/article/K55518036?utm_source=f5support&utm_medium=RSS

Being a CISO is like being a wildland firefighter surrounded by arsonists. This stark reality is compounded by internal politics within the IT department. In the absence of greater authorities, internally it can feel like you are climbing a mountain on a daily basis. CISO’s who care deeply about their organization’s security are still marginalized The post CISO Empowerment appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/11/ciso-empowerment.html?utm_source=rss&utm_medium=rss&utm_campaign=ciso-empowerment

Linux kernel vulnerability CVE-2020-16119 Security Advisory Security Advisory Description Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP ... More info: https://support.f5.com/csp/article/K82248373?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2020-27786 Security Advisory Security Advisory Description A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and ... More info: https://support.f5.com/csp/article/K01249564?utm_source=f5support&utm_medium=RSS

According to the VMware State of Kubernetes 2021 Report, the containerized application attack surface has grown in orders of magnitude relative to virtualized applications with four times (4x) the growth in median containers per host from 2017 to 2020. That means many more points of entry for attackers, who have already taken notice of the The post Announcing New Kubernetes Connectivity Map from VMware Carbon Black appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/10/announcing-new-kubernetes-connectivity-map-from-vmware-carbon-black.html?utm_source=rss&utm_medium=rss&utm_campaign=announcing-new-kubernetes-connectivity-map-from-vmware-carbon-black

If security is a team sport, why is security still a specialization for many organizations? VMware commissioned Forrester Consulting to explore the current state of the IT, Security, and Development relationship dynamics in the recently released thought leadership paper, ‘Bridging the Developer and Security Divide.’ The problem – tech teams are misaligned As security professionals The post DevSecOps: The Competitive Advantage of a Unified Team appeared first on VMware Security More info: https://blogs.vmware.com/security/2021/10/devsecops-the-competitive-advantage-of-a-unified-team.html?utm_source=rss&utm_medium=rss&utm_campaign=devsecops-the-competitive-advantage-of-a-unified-team

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11222&actp=RSS

Grafana vulnerability CVE-2021-39226 Security Advisory Security Advisory Description Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated ... More info: https://support.f5.com/csp/article/K22322802?utm_source=f5support&utm_medium=RSS

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11245&actp=RSS

Apache HTTP server vulnerability CVE-2021-39275 Security Advisory Security Advisory Description ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included ... More info: https://support.f5.com/csp/article/K20622400?utm_source=f5support&utm_medium=RSS