[월:] 2020년 08월

No Image

USN-4458-1: Apache HTTP Server vulnerabilities

2020-08-13 KENNETH 0

USN-4458-1: Apache HTTP Server vulnerabilities Fabrice Perez discovered that the Apache mod_rewrite module incorrectly handled certain redirects. A remote attacker could possibly use this issue to perform redirects to an unexpected URL. (CVE-2020-1927) Chamal De Silva discovered that the Apache mod_proxy_ftp module incorrectly handled memory when proxying to a malicious FTP server. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2020-1934) Felix Wilhelm discovered that the HTTP/2 implementation in Apache did not properly handle certain Cache-Digest headers. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9490) Felix Wilhelm discovered that the Apache mod_proxy_uwsgi module incorrectly handled large headers. A remote attacker could use this issue to obtain sensitive information or possibly execute arbitrary code. [ more… ]

A Reference Architecture for Real-Time APIs

2020-08-13 KENNETH 0

A Reference Architecture for Real-Time APIs In a previous blog, we showed how real‑time APIs play a critical role in our lives. As companies seek to compete in the digital era, APIs become a critical IT and business resource. Architecting the right underlying infrastructure ensures not only that your APIs are stable and secure, but also that they qualify as real‑time APIs, able to process API calls end-to-end within 30 milliseconds. API architectures are broadly broken up into two components: the data plane, or API gateway, and the control plane, which includes policy and developer portal servers. A real‑time API architecture depends mostly on the API gateway, which acts as a proxy to process API traffic. It’s the critical link in the performance chain. API gateways perform a variety of functions including authenticating API calls, routing requests to the right backends, [ more… ]

[도서] 데이터 3법 개정에 따른 개인정보 비식별 조치의 이해와 활용

2020-08-13 KENNETH 0

[도서] 데이터 3법 개정에 따른 개인정보 비식별 조치의 이해와 활용 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]데이터 3법 개정에 따른 개인정보 비식별 조치의 이해와 활용 김순석,김동현,김기태 공저 | 에이콘출판사 | 2020년 08월 판매가 31,500원 (10%할인) | YES포인트 1,750원(5%지급) 개인정보보호법 등 이른바 데이터 3법 개정에 따라 개인정보를 활용하려는 기관이나 기업 혹은 학생들이 현업에서 개인정보를 안전하게 보호하면서도 곧바로 활용할 수 있도록 돕는다. 비식별 조치(가명?익명)의 기 Source: [도서] 데이터 3법 개정에 따른 개인정보 비식별 조치의 이해와 활용

Announcing Windows 10 Insider Preview Build 20190

2020-08-13 KENNETH 0

Announcing Windows 10 Insider Preview Build 20190 Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 20190 to Windows Insiders in the Dev Channel. What’s new in Build 20190 New post-update experience We know that it doesn’t always feel clear what changed with a major update, or even how you can learn about and try out new features and improvements. This means that updates can feel time consuming without real benefit to you, and we want to change that. We’re introducing a new first run experience via the Tips app that highlights the most exciting changes on your PC after a major Windows 10 feature update is installed. After installing this build, Insiders will see the Tips app is launched highlight some of the most recent new features from the latest Insider Preview builds in the Dev Channel. [ more… ]

No Image

USN-4457-1: Software Properties vulnerability

2020-08-12 KENNETH 0

USN-4457-1: Software Properties vulnerability Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen. Source: USN-4457-1: Software Properties vulnerability