[월:] 2021년 09월

No Image

Sea of Thieves Season Four update available now for free

2021-09-23 KENNETH 0

Sea of Thieves Season Four update available now for free Season Four is the latest Sea of Thieves content update, available now for free for all players with Xbox Game Pass and across Windows 10, Xbox Series X|S, Xbox One and Steam. Get the update and dive into the Sunken Kingdom to solve puzzles and unearth the secrets of its Siren Shrines, or battle through waves of Ocean Crawlers and Sirens to raid the Siren Treasuries. Seasonal progression allows all players to earn renown and rewards, with a fresh array of trials and deeds to boost progress and an optional Plunder Pass to expand the reward pool. Head on over to Xbox Wire to find out more. Source: Sea of Thieves Season Four update available now for free

No Image

USN-5089-2: ca-certificates update

2021-09-23 KENNETH 0

USN-5089-2: ca-certificates update USN-5089-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Source: USN-5089-2: ca-certificates update

No Image

USN-5089-1: ca-certificates update

2021-09-23 KENNETH 0

USN-5089-1: ca-certificates update The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Source: USN-5089-1: ca-certificates update

No Image

USN-5088-1: EDK II vulnerabilities

2021-09-23 KENNETH 0

USN-5088-1: EDK II vulnerabilities It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. (CVE-2019-11098) Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. (CVE-2021-23840) Ingo Schwarze discovered that OpenSSL used in EDK II incorrectly handled certain ASN.1 strings. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712) It was discovered that EDK II incorrectly decoded certain strings. A remote attacker could use this issue to cause EDK II [ more… ]

Implementing OpenID Connect Authentication for Kubernetes with Okta and NGINX Ingress Controller

2021-09-23 KENNETH 0

Implementing OpenID Connect Authentication for Kubernetes with Okta and NGINX Ingress Controller We’ve written many times about how important it is to secure your apps and APIs in today’s climate of ransomware and bot‑driven attacks. Along with mechanisms like web application firewall (WAF), authenticating user identities and enforcing authorization controls are important ways to protect your business applications. The most direct way to implement authentication and authorization is in the applications themselves. While this can work when your user base is small and your app doesn’t require frequent updates, it quickly becomes untenable at scale. For one thing, when your users have to remember a different account name and password for each of many apps, they’re often greeted with frustrating “incorrect username or password” messages when trying to log in, leading them to resort to insecure solutions like easily guessed [ more… ]