It finally happened. At the start of DockerCon Europe and a week before KubeCon was set to take place in the U.S., researchers discovered the first major vulnerability within Kubernetes, the popular cloud container orchestration system.
Darren Shepherd, Rancher co-founder and Chief Architect, describes the Kubernetes critical CVE issue he discovered, how it came to a resolution, and what it says about the Kubernetes open-source community.
In the past few days, a new vulnerability was disclosed in a widely used component – jQuery File Upload plugin. A change in Apache’s Web Server security setting handling, exposed users of this plugin to an unrestricted file upload flaw. Let’s dig in on how to detect jQuery File Upload vulnerability (CVE-2018-9206) using Falco.
Most likely you have heard about Spectre and Meltdown by now. It’s all over the news. As an IT or DevOps engineer, it’s now your job to patch your EC2 instance operating systems. This task can be “fun” if you need to SSH/RDP into every EC2 instance and apply patches. Or, it can be truly fun if you decide to use AWS Systems Manager to apply patches to your OS.
