Cybersecurity spotlight on bug bounty researcher @adrianoapj
As we wrap up Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@adrianoapj!
The post [Cybersecurity spotlight on bug bounty researcher @adrianoapj](https://github.blog/security/vulnerability-research/cybersecurity-spotlight-on-bug-bounty-researcher-adriano … ⌘ Read more
Docker at Cloud Expo Asia: GenAI, Security, and New Innovations
At Cloud Expo Asia 2024, Docker showcased its latest innovations in AI integration, security best practices, and product updates, highlighting how containers empower GenAI workflows and enable efficient, secure software development. ⌘ Read more
Securing the open source supply chain: The essential role of CVEs
Vulnerability data has grown in volume and complexity over the past decade, but open source and programs like the GitHub Security Lab have helped supply chain security keep pace.
The post Securing the open source supply chain: The essential role of CVEs appeared first … ⌘ Read more
Keep up with cloud native and Kubernetes security with the updated CKS certification
CKS exam updated on October 15, 2024. Cloud Native and Kubernetes adoption is accelerating. Cloud native technology adoption continues to increase across all enterprises, with most new applications being built on cloud native platforms and, in… ⌘ Read more
New Docker Terraform Provider: Automate, Secure, and Scale with Ease
Announcing the launch of the Docker Terraform Provider, designed to help users and organizations automate and securely manage their Docker-hosted resources. ⌘ Read more
MicroK8s and ngrok: easy ingress at the edge
Member post originally published on ngrok’s blog by Mike Coleman. MicroK8s is a lightweight, efficient, and easy-to-use Kubernetes distribution that enables users to deploy and manage containerized applications. ngrok, on the other hand, provides a secure and scalable… ⌘ Read more
FWS-2290 is a Compact Desktop Network Appliance with Intel N97 for Security Solutions
The FWS-2290, recently launched by AAEON, is a desktop network appliance powered by Intel’s N-series processors, specifically the Intel Processor N97. Designed for UTM and VPN applications, it integrates features such as Intel Control-Flow Enforcement Technology, AES-NI, and Virtualization Technology for Directed I/O. This AAEON product is configured only with the following … ⌘ Read more
How to ace the Kubernetes and Cloud Native Security Associate (KCSA) exam
Community post originally published on Medium by Giorgi Keratishvili. Introduction: Over the last five years, security has emerged as one of the most demanding skills in IT. When combined with the equally sought-after skill of containers, we get… ⌘ Read more
jeffro256 submits CCS proposal to get ‘Carrot’ reviewed by CypherStack
jeffro256 has submitted a CCS proposal looking to get the Carrot spec document peer reviewed by CypherStack:
This CCS will provide funding for the first step towards a Carrot implementation in Monero. [..] The deliverable is a write-up which will include security proofs for all properties listed in section 9. [..] In the case that CypherStack requires more funds to com … ⌘ Read more
KubeCon + CloudNativeCon North America 2024 co-located event deep dive: Cilium + eBPF Day
Co-chairs: Bill Mulligan and Vlad Ungureanu. November 12, 2024, Salt Lake City, Utah. Cilium + eBPF Day will offer a deep dive into how Cilium and eBPF are revolutionizing networking, security, and observability for cloud native environments. From real-world case… ⌘ Read more
Erlang Solutions: Why Open Source Technologies is a Smart Choice for Fintech Businesses
Traditionally, the fintech industry relied on proprietary software, with usage and distribution restricted by paid licences. Fintech open-source technologies were distrusted due to security concerns over visible code in complex systems.
But fast-forward to today and financial institutions, including neobanks like Revolut and Monzo, have embraced open source solutions. … ⌘ Read more
[ANN] [CVE-2024-9680] Update Tor Browser & Firefox immediately
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
Links:
- https://blog.torproject.org/new-release-tor-browser-1357/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
… ⌘ Read more
How to Update MacOS Sonoma/Ventura Without Installing Sequoia
If you’re not yet interested in installing MacOS Sequoia for whatever reason – perhaps due to compatibility issues, waiting for specific features, or just holding off until Sequoia is more refined – you almost certainly still want to install other system software updates as they become available to your Mac, including installing any available security … [Read More](https://osxdaily.com/2024/10/09/how-to-update- … ⌘ Read more
The second half of software supply chain security on GitHub
Learn about a community-developed framework for how to think about this problem holistically and how to use GitHub, particularly, to improve the security in the second half of your software supply chain.
The post The second half of software supply chain security on GitHub appeared fir … ⌘ Read more
[ANN] Understanding Jamtis: A New Addressing Scheme for Monero
By simplifying how addresses are shared, speeding up wallet synchronization, and ensuring more reliable output detection, Jamtis represents a big leap forward in usability—without sacrificing Monero’s commitment to privacy and security.
Link: https://kewbit.org/understanding-jamtis-a-new-address-format-for-monero/
KewbitXMR (Github) ⌘ Read more
MacOS Sequoia 15.0.1 Update with Bug Fixes is Available
Apple has released MacOS Sequoia 15.0.1 as a software update to Mac users running the Sequoia operating system. The update includes bug fixes and security enhancements, and is therefore recommended for all MacOS users running Sequoia to install. For Mac users who are running MacOS Sonoma or macOS Ventura, you’ll find Safari 18.0.1 update available … [Read More](https://osxdaily.com/2024/10/04/macos-sequoia-15-0-1-update-wi … ⌘ Read more
iOS 18.0.1 & iPadOS 18.0.1 Updates Released with Bug Fixes
Apple has released iOS 18.0.1 for iPhone and iPadOS 18.0.1 for iPad. The purpose of these small updates is to fix various bugs and resolve a variety of security issues that were present in the 18.0 releases of iOS/iPadOS. Specifically, iOS 18.0.1 aims to resolve some issues with touch screens and camera functionality on iPhone … Read More ⌘ Read more
Reading about browser security measures and getting sad we don’t live in a world where cross-site scripting is a feature instead of a bug.
Benefits of Kubernetes and Cloud Native Security Associate (KCSA) Certification
From a discussion with Andrew Martin, CEO and Co-Founder, ControlPlane, and Ashley Ward, CTO, ControlPlane. Earning the Kubernetes and Cloud Native Security Associate (KCSA) certification is valuable for both organizations and IT professionals. This certification signifies a strong understanding… ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @imrerad
For this year’s Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@imrerad!
The post Cybersecurity spotlight on bug bounty researcher @imrerad appeare … ⌘ Read more
Kicking off Cybersecurity Awareness Month: Researcher spotlights and additional incentives!
For this year’s Cybersecurity Awareness Month, GitHub’s Bug Bounty team is excited to offer some additional incentives to security researchers!
The post [Kicking off Cybersecurity Awareness Month: Researcher spotlights and additional incentives!](https://github.blog/security/vulnerability-research/kicking-off-cybersecurity-awareness-mo … ⌘ Read more
The state of security in cloud native development 2024
Earlier this year, The Linux Foundation surveyed 200 organizations to understand how they’re tackling security in cloud native application development. At a time when security breaches are increasing in frequency and in impact – the average breach now… ⌘ Read more
Erlang Solutions: Erlang Concurrency: Evolving for Performance
Some languages are born performant, and later on tackle concurrency. Others are born concurrent and later build on performance. C or Rust systems programming are examples of the former; Erlang’s concurrency is an example of the latter.
A mistake in concurrency can essentially let all hell loose, incurring incredibly hard-to-track bugs and even security vulnerabilities, and a mistake in performance can leave a product tr … ⌘ Read more
iOS 17.7 & iPad 17.7 Updates Released with Security Fixes
Apple has released iOS 17.7 and iPadOS 17.7 as software updates for iPhone and iPad, containing important security fixes that make these updates recommended to install. While most attention is on the freshly released iOS 18 and iPadOS 18 software updates for iPhone and iPad users, Apple has also released security updates for users who … [Read More](https://osxdaily.com/2024/09/18/ios-17-7-ipad-17-7-updates-released- … ⌘ Read more
MacOS Sonoma 14.7 & MacOS Ventura 13.7 Updates Released with Security Fixes
Apple has issued new software updates for MacOS Sonoma 14.7 and MacOS Ventura 13.7, for users who are not yet installing the freshly released MacOS Sequoia 15.0 system software upgrade. Both MacOS Sonoma 14.7 and MacOS Ventura 13.7 contain security fixes, and are therefore recommended to all Mac users. There are no new features or … [Read More](https://osxdaily.com/2024/09/17/maco … ⌘ Read more
Exploding Pagers & The Case for a Secure Supply Chain
Hezbollah’s exploding pagers is a good opportunity to talk about hardware and software supply chains. ⌘ Read more
Secure by Design for AI: Building Resilient Systems from the Ground Up
Dive into the “Secure by Design” approach essential for AI systems, focusing on embedding security features from the start to fortify AI against emerging threats. ⌘ Read more
ASRock Industrial SBC-374: A Versatile Platform Accommodating Meteor Lake-PS Intel Processors
The ASRock Industrial SBC-374 is a robust single board computer designed for embedded applications. It features Intel Core Ultra Processors (Meteor Lake-PS) on an LGA 1851 socket and is supported by an AMI SPI BIOS with secure flash options, suitable for demanding tasks in secure environments. According to the product specifications, the SBC-374 supports Inte … ⌘ Read more
Beginner’s guide to GitHub: Setting up and securing your profile
As part of the GitHub for Beginners guide, learn how to improve the security of your profile and create a profile README. This will let you give your GitHub account a little more personality.
The post Beginner’s guide to GitHub: Setting up and securing your profile appeared first on [The … ⌘ Read more
@prologic@twtxt.net Some criticisms and a possible alternative direction:
Key rotation. I’m not a security person, but my understanding is that it’s good to be able to give keys an expiry date and replace them with new ones periodically.
It makes maintaining a feed more complicated. Now instead of just needing to put a file on a web server (and scan the logs for user agents) I also need to do this. What brought me to twtxt was its radical simplicity.
Instead, maybe we should think about a way to allow old URLs to be rotated out? Like, my metadata could somehow say that X used to be my primary URL, but going forward from date D onward my primary URL is Y. (Or, if you really want to use public key cryptography, maybe something similar could be used for key rotation there.)
It’s nice that your scheme would add a way to verify the twts you download, but HTTPS is supposed to do that anyway. If you don’t trust HTTPS to do that (maybe you don’t like relying on root CAs?) then maybe your preferred solution should be reflected by your primary feed URL. E.g. if you prefer the security offered by IPFS, then maybe an IPNS URL would do the trick. The fact that feed locations are URLs gives some flexibility. (But then rotation is still an issue, if I understand IPNS right.)
Join Docker CEO Scott Johnston at SwampUP 2024 in Austin
Discover how Docker and JFrog are enhancing secure software development at SwampUP 2024 in Austin, Texas, from September 9-11. Docker CEO Scott Johnston will highlight the critical roles of Docker Desktop, Docker Hub, and Docker Scout in building secure, efficient applications, showcasing their integration within JFrog’s platform. ⌘ Read more
New Docker Desktop Enterprise Admin Features: MSI Installer and Login Enforcement Alternative
We’re excited to launch the general availability for two significant updates: the Docker Desktop MSI installer and a new sign-in enforcement alternative. These updates aim to streamline administration, improve security, and ensure users can take full advantage of Docker Business subscription features. ⌘ Read more
Docker Desktop 4.34: MSI Installer GA, Upgraded Host Networking, and Powerful Enhancements for Boosted Productivity & Administration
Discover Docker Desktop 4.34’s enhancements that boost security, scalability, and productivity for developers. This release includes a readily available MSI installer for simpler Windows deployment, improved authentication processes, smart storage compaction for WSL2, and seamless NVIDIA AI Workbench integration for streamlined model training and local development. ⌘ Read more
@mckinley@twtxt.net agevault uses age, allegedly very secure (aiming to replace pgp/gpg). Comparing it with gocryptfs, from the user perspective, agevault seems simpler, though CLI exclusive. As the repository states, “Like age, it features no config options, allowing for a straightforward secure flow”. It would also run in all major OS platforms out of the box.
But agevault is also very new. Though age has been around for a while now, I don’t see an “audited” link (neither on agevault, nor age).
LitmusChaos audit complete!
Cross-posted from the OSTIF blog OSTIF is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of 7ASecurity and the Cloud Native Computing Foundation,… ⌘ Read more
Streamlining Local Development with Dev Containers and Testcontainers Cloud
Learn how to run Testcontainers-based tests or services from within dev containers and how to leverage Testcontainers Cloud securely and efficiently to make interacting with Docker even easier. ⌘ Read more
wasmCloud on the factory floor: efficient and secure processing of high velocity machine data
End user blog by Jochen Rau and Tyler Schoppe, Platform Engineering team at MachineMetrics. “WebAssembly, wasmCloud, and NATS will not only reshape the MachineMetrics business but are already transforming industrial IoT. A big thanks to the WebAssembly and… ⌘ Read more
SSO and RBAC: a secure access strategy for your Kubernetes
Member post originally published on the Devtron blog by Bhushan Nemade. TL;DR: In the dynamic world of cloud-native, Kubernetes stands as an undisputed leader in the space of container orchestration. This article explores how to secure your Kubernetes… ⌘ Read more
Found means fixed: Secure code more than three times faster with Copilot Autofix
With Copilot Autofix, developers and security teams can keep new vulnerabilities out of code and confidently remediate their backlog security debt.
The post Found means fixed: Secure code more than three times faster with Copilot Autofix appeared first on [The GitHub … ⌘ Read more
From object transition to RCE in the Chrome renderer
In this post, I’ll exploit CVE-2024-5830, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post From object transition to RCE in the Chrome renderer appeared first on The GitHub Blog. ⌘ Read more
Zero Trust and Docker Desktop: An Introduction
We explore Zero Trust security and walk through several strategies for implementing Zero Trust within a Docker Desktop-based development environment. ⌘ Read more
Docker Best Practices: Understanding the Differences Between ADD and COPY Instructions in Dockerfiles
What are Docker ADD/COPY instructions and when should you use them? We explain the differences between the ADD and COPY instructions in Dockerfiles, including when to use each based on security, functionality, and build context. ⌘ Read more
The new technology helping Vietnamese coffee farmers adapt to a changing climate
The way farmers manage soil health could soon become cheaper, easier, and better for the environment thanks to artificial intelligence. ⌘ Read more
iOS 16.7.9, iPadOS 16.7.9, iOS 15.8.3, & iPadOS 15.8.3 Released with Security Fixes
Apple has issued security updates for prior generation iPhone and iPad models that are not compatible with iOS 17.6 and iPadOS 17.6. Specifically, the new updates are versioned as iOS 16.7.9, iPadOS 16.7.9, iOS 15.8.3, and iPadOS 15.8.3, and include important security fixes making them recommended for all users to install onto compatible devices. iOS … [Read More](htt … ⌘ Read more
MacOS Sonoma 14.6 Update Released with Bug Fixes & Security Updates
Apple has released macOS Sonoma 14.6 for Mac users running the Sonoma operating system. The MacOS Sonoma 14.6 software update primarily focuses on bug fixes and security updates for most Macs, however it does include a nice new feature specifically for the 14″ M3 MacBook Pro series allowing that Mac to support two external displays … [Read More](https://osxdaily.com/2024/07/30/macos-sonoma-14-6-u … ⌘ Read more
MacOS Ventura 13.6.8, MacOS Monterey 12.7.6, Safari 17.6 Released with Security Fixes
Apple has released MacOS Ventura 13.6.8 and MacOS Monterey 12.7.6 with important security fixes for Mac users who are running the Ventura and Monterey operating systems. These updates include the same relevant security patches that are available in Sonoma 14.6. Ventura and Monterey users will also find an update for Safari 17.6 as well. Though … [Read More](https:// … ⌘ Read more
Configure GitHub Artifact Attestations for secure cloud-native delivery
Introducing the generally available capability of GitHub Artifact Attestations to secure your cloud-native supply chain packages and images.
The post Configure GitHub Artifact Attestations for secure cloud-native delivery appeared first on [The GitH … ⌘ Read more
Docker Scout Health Scores: Security Grading for Container Images in Your Docker Hub Registry
The Docker team introduces Docker Scout health scores to help quickly evaluate image health and simplify software security for developers. ⌘ Read more
iOS 17.6 & iPad 17.6 Released for iPhone & iPad
Apple has issued software updates for iPhone and iPad, versioned as iOS 17.6 and iPadOS 17.6, respectively. The new software updates include bug fixes and security patches, and do not include any new features or changes to the operating systems. iOS 17.6 and iPadOS 17.6 are now the latest final stable builds of operating systems … Read More ⌘ Read more