Operations | Monitoring | ITSM | DevOps | Cloud

A new vulnerability, CVE-2020-8557, has been detected in kubelet. It can be exploited by writing into /etc/hosts to cause a denial of service. The source of the issue is that the /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager, so it’s not taken into account when calculating ephemeral storage usage by a pod.

My colleague Greg Zweig recently wrote a blog “Forget Videobombing – Worry About What You Can’t See” in which he outlined how Unified Communications (UC) assets are all too often left unsecured, making them an easy target.

Permissions and restrictions are something used to control how much access is provided to a particular user or user group. Therefore one must first understand what is the role of a user or a group. Here, you will understand permissions and restrictions through configuring users, user groups and roles. They can either be created using configuration files or web interface. When the Icinga Web 2 is installed a default user with admin access is configured.

We’re excited to announce that ManageEngine has been recognized as a Customers’ Choice in 2020 Gartner Peer Insights “Voice of the Customer’: Security Information and Event Management (SIEM) for the second time. This is in addition to our recognition in Gartner’s Magic Quadrant for Security Information and Event Management, 2020 for four consecutive times. We are thrilled to be named this recognition yet again. What better way to be recognized than by our customers?

Calico was designed from the ground up with a pluggable dataplane architecture. The Calico 3.13 release introduced an exciting new eBPF (extended Berkeley Packet Filter) dataplane targeted at those ready to adopt newer kernel versions and wanting to push the Linux kernel’s latest networking capabilities to the limit.

Customers regularly ask me what types of data sources they should be sending to their SIEMs to get the most value out of the solution. The driver for these conversations is often because the customers have been locked into a SIEM product where they have to pay more for consumption. More log data equals more money and, as a result, enterprises have to make a difficult choice around what log sources and data are what they guess is the most important.

The way we work has fundamentally changed in recent months due to the impact of the global COVID-19 pandemic. As more employees are working remotely, organizations are looking at new ways to ensure their workers can stay productive and secure. We released Splunk Remote Work Insights (RWI) to help IT and security teams have insight into the systems that their employees rely upon while working remotely.

Pitney Bowes, a global package delivery giant, has been hit by a second ransomware attack in less than seven months, according to ZDNet. Those responsible for the attack have released screenshots portraying directory listings from inside the company’s network. What is Maze ransomware and what makes it so special?

It’s no secret that COVID-19 is negatively impacting businesses of all sizes in a number of ways. Some more obvious than others. Unless you are in IT, you’re probably not thinking of how COVID-19 can affect the infrastructure security of your organization, but the truth is that as businesses make the tough decision to layoff employees in order to stay in business, basic security hygiene can easily be overlooked.