Archive for the ‘Security Architecture’ Category

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see

Here’s this week’s BWAIN, our jocular term for a Bug With An Impressive Name. BWAIN is an accolade that we hand out when a new cybersecurity flaw not only turns out to be interesting and important, but also turns up with its own logo, domain name and website. This one is dubbed Ă†PIC Leak, a pun on […]

Leave a Comment

50% of internet-facing GitLab installations are still affected by a RCE flaw

Cybersecurity researchers warn of a now-patched critical remote code execution (RCE) vulnerability, tracked as CVE-2021-22205, in GitLab’s web interface that has been actively exploited in the wild. The vulnerability is an improper validation issue of user-provided images the can lead to arbitrary code execution. The vulnerability affects all versions starting from 11.9. “An issue has been […]

Leave a Comment

The evolution of cybersecurity within network architecture

A decade ago, security officers would have been able to identify the repercussions of an attack almost immediately, as most took place in the top-level layers of a system, typically through a malware attack. Now however, threat actors work over greater lengths of time, with much broader, long-term horizons in mind. Leaders can no longer […]

Leave a Comment