Romain LORENZINI

277 Added | 1 Magazine | 9 Following | 9 Followers | @RomainLORENZINI | Keep up with Romain LORENZINI on Flipboard, a place to see the stories, photos, and updates that matter to you. Flipboard creates a personalized magazine full of everything, from world news to life’s great moments. Download Flipboard for free and search for “Romain LORENZINI”

Titus, the Netflix container management platform, is now open source

by Amit Joshi, Andrew Leung, Corin Dwyer, Fabio Kung, Sargun Dhillon, Tomasz Bak, Andrew Spyker, Tim Bozarth<p>Today, we are open-sourcing Titus, our …

DevOps

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

It's time to update your Drupal websites, once again. For the second time within a month, Drupal has been found vulnerable to another critical …

Information Security

GDPR Is Coming, So What Now for WHOIS Domain Registration Data?

When the European Union General Data Protection Regulation (GDPR) comes into force on May 25, 2018, what will happen to currently-available domain …

Personal Data

How to deploy an EFK stack to Kubernetes.

Kubernetes

Millions of IP addresses blocked as Russia tries to shut down Telegram

Russia has blocked more than 16 million internet protocol addresses in its attempt to ban the popular encrypted messaging app Telegram, leading to interruptions in the service of major websites and media.<p>A court ordered the service blocked in Russia after it refused to hand over its encryption keys …

Privacy

La CNIL et Bpifrance s’associent pour accompagner les TPE et PME dans leur appropriation du Règlement européen sur la protection des données (RGPD)

Le RGPD entre en application le 25 mai 2018. La CNIL, régulateur des données personnelles et Bpifrance, partenaire des entreprises, ont uni leurs …

Protection

Cyber Defenders 2018

This year’s trends and high-momentum startups with the potential to shape the future of cybersecurity.<p>Nearly 1,000 data-breaches occurred in the …

Cybersecurity

Introducing kaniko: Build container images in Kubernetes and Google Container Builder without privileges

By Priya Wadhwa, Software Engineer<br>Building images from a standard Dockerfile typically relies upon interactive access to a Docker daemon, which …

DevOps

Microsoft built its own custom Linux kernel for its new IoT service

At a small press event in San Francisco, Microsoft today announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices — the kind of devices that use tiny and relatively low-powered microcontrollers (MCUs) for basic control or connectivity features. …

Linux

US, Britain warn of Russian campaign to hack networks

Russian government-sponsored hackers are compromising the key hardware of government and business computer networks like routers and firewalls, …

Cybersecurity

Dump cleartext credentials from memory: MimiPenguin

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz.<p>Takes advantage …

Forensics

Painless Cuckoo Sandbox Installation

<i>TLDR: As part of our SANS SEC599 development efforts, we updated (fixed + added some new features) an existing Cuckoo Auto Install script by Buguroo</i> …

Cybersecurity

Fast, Scalable and Secure Openshift Networking with Cisco ACI

As a Red Hat partner, it’s been amazing to watch the growth and success of OpenShift over the past year. OpenShift doesn’t just gives developers a trusted path and tooling necessary to adopt Kubernetes — it improves agility and productivity and accelerates application delivery in on-premise, …

DevOps

Hackers Have Started Exploiting Drupal RCE Exploit Released Yesterday

Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code. Two …

Information Security

Uncovering Drupalgeddon 2

By Eyal Shalev, Rotem Reiss and Eran Vaknin<p><b>Abstract</b><p>Two weeks ago, a highly critical (21/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 …

Information Security

Serverless Architectures: A Paradigm Shift in Application Security

"Serverless" forces software architects and developers to approach security by building it in rather than bolting it on. But there is a downside.<p>One …

Microservices

A code injection to stop code injection could solve serverless security

Serverless computing is not quite carefree computing. Those using it don't have to worry about servers, apart from the cloud service provider's bill. …

Information Security

Automatically Stealing Password Hashes with Microsoft Outlook and OLE

Back in 2016, a coworker of mine was using CERT BFF, and he asked how he could turn a seemingly exploitable crash in Microsoft Office into a …

Information Security

Warning: Your Windows PC Can Get Hacked by Just Visiting a Site

Can you get hacked just by clicking on a malicious link or opening a website? — YES. Microsoft has just released its April month's Patch Tuesday …

Information Security

Critical Code Execution Flaw Found in CyberArk Enterprise Password Vault

A critical remote code execution vulnerability has been discovered in CyberArk Enterprise Password Vault application that could allow an attacker to …

Information Security

Response Policy Zones: A Little-Known Cybersecurity Measure You Should Be Using

What if I told you there was a little-known mechanism you could use to identify devices infected with malware and then use it to cut those infected devices off from malware command-and-control servers? What if I also told you that you could use this mechanism to prevent users from accidentally …

Information Security

Gmail is secure. Netflix is secure. Together they're a phishing threat

Google doesn't recognise dots in email addresses, which creates an opportunity for evilA developer has discovered that Gmail's email handling creates …

E-Mail

Web standard brings password-free sign-ins to virtually any site

Tech companies have been trying to do away with web passwords for years, but now it looks like they've reached a key milestone. The FIDO Alliance and W3C have launched a Web Authentication standard that makes it easier to offer truly unique encryption credentials for each site. That, in turn, lets …

Google Chrome

Rise Of The Nanoservice: How AWS Application Repository Will Accelerate Serverless

<i>Our ApplicationCostMonitoring nanoservice is now a featured app in AWS Serverless Application Repository under Logging and Monitoring!</i><p>With AWS …

Cloud Computing

The new IT ecosystem - Article - HPE Cloud28+

By HEMMER olivier<p>6 Feb 2018<p>| ecosystem; digital; Medium Enterprise; HPC; IoT - Asset Tracking / Management; Sales & Marketing; Very Large Enterprise; …

AWS Firewall Manager: Central Management for Your Web Application Portfolio | Amazon Web Services

There’s often tension between distributed and centralized control, especially in larger organizations. While a distributed control model allows teams …

Cloud Computing

Microsoft Office 365 Gets Built-in Ransomware Protection and Enhanced Security Features

Ransomware has been around for a few years, but it has become an albatross around everyone's neck, targeting big businesses, hospitals, financial …

Malware

Cloud Security: 10 Top Startups

These cloud security startups are creating innovative ways to defend networks against emerging threats and security complex multi-cloud environments.

Startups

How to Build a Cybersecurity Incident Response Plan

Being hit by a cyberattack is going to be painful. But it can be less painful if you're prepared, and these best practices can help.<p>When it comes to …

Information Security

Another reason why your Docker containers may be slow

In my last blog post I was talking about Kubernetes and how ThoughtSpot uses it for its dev infrastructure needs. Today I’d like to follow up on that …

DevOps