[월:] 2020년 04월

No Image

USN-4335-1: Thunderbird vulnerabilities

2020-04-22 KENNETH 0

USN-4335-1: Thunderbird vulnerabilities thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in Thunderbird. Software Description thunderbird – Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6812, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6821, CVE-2020-6825) It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to [ more… ]

No Image

[동영상] 스타트업을 위한 AWS 비용 최적화 – 6가지 방법

2020-04-22 KENNETH 0

[동영상] 스타트업을 위한 AWS 비용 최적화 – 6가지 방법 많은 스타트업 고객들이 AWS 클라우드를 기반으로 다양한 애플리케이션을 구축하여, 민첩하게 대규모 사용자 확장에 대비하여 서비스를 만들고 있습니다. 혹시 아직 사용자가 많지 않은데도 불구하고 현재 클라우드 자원 사용량이 많거나 비용이 높다고 생각하신다면, 클라우드 비용을 최적화하기 위해 여러분이 꼭 해야 하는 사항들이 있습니다. 이 글에서는 여러분의 애플리케이션 패턴과 워크로드에 따라 스타트업이 고려해야 하는 6가지 빠른 비용 최적화 방법을 소개합니다. 15분만 투자하시면 여러분의 사업에 큰 영향을 줄 수 있는 도구와 접근 방식을 알려 드리겠습니다. Amazon S3 Intelligent Tiering 활성화 AWS Instance Scheduler를 통한 미사용 인스턴스 비용 절감  (토스랩 활용 사례) Amazon EC2 Spot 인스턴스 옵션 선택 AWS Saving Plan 활용 AWS 예약 인스턴스 활용 AWS Trunsted Adviser를 통한 활용도 낮은 네트워크 리소스 정리 FAQ Q: 비용 절감에 대한 어디로 연락하면 좋을까요? 모든 AWS 고객은 담당 어카운트 매니저가 있습니다. 해당 직원을 알고 계시다면, 추가 지원을 [ more… ]

Help the World by Healing Your NGINX Configuration

2020-04-22 KENNETH 0

Help the World by Healing Your NGINX Configuration In his famous speech at the University of Texas in 2014, Admiral William H. McRaven said that if you want to change the world, start off by making your bed. Sometimes small things can have a big impact – whether it’s making your bed in the morning or making few changes to your website’s HTTP server configuration. Does that seem like an overstatement? The first months of 2020 have flushed down the drain all definitions of what’s normal and reasonable in our world. With almost half of the Earth’s population locked down in their homes due to the COVID‑19 pandemic, the Internet has become their only mode of communication, entertainment, buying food, working, and education. And each week the Internet is seeing higher network traffic and server load than ever before. According to a report [ more… ]

Now available for you and your family: See how Microsoft 365 helps you connect, work and learn from home

2020-04-21 KENNETH 0

Now available for you and your family: See how Microsoft 365 helps you connect, work and learn from home Microsoft 365 Personal and Family subscriptions are now generally available worldwide. “As everyone adapts to different and innovative ways of living, working, and organizing, we are here to help in that process,” says Yusuf Mehdi, corporate vice president, Modern Life, Search & Devices, in a blog post. “Today, we’re excited that Microsoft 365 has more to offer across free and premium experiences.” Mehdi lists 10 ways Microsoft can help you and your family experience more efficiency, enjoyment and ease across your lives. Head over to the Microsoft 365 post to read his list, which also previews features on the horizon. To check out plans and pricing and subscribe, head over to the Microsoft 365 product page. The post Now available for [ more… ]

No Image

USN-4333-1: Python vulnerabilities

2020-04-21 KENNETH 0

USN-4333-1: Python vulnerabilities python2.7, python3.4, python3.5, python3.6, python3.7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Several security issues were fixed in Python. Software Description python3.7 – An interactive high-level object-oriented language python2.7 – An interactive high-level object-oriented language python3.6 – An interactive high-level object-oriented language python3.5 – An interactive high-level object-oriented language python3.4 – An interactive high-level object-oriented language Details It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348) It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492) Update instructions The problem can be corrected by updating your system to the [ more… ]