NGINX Tutorial: How to Securely Manage Secrets in Containers

2023-03-15 KENNETH 0

NGINX Tutorial: How to Securely Manage Secrets in Containers This post is one of four tutorials that help you put into practice concepts from Microservices March 2023: Start Delivering Microservices: How to Deploy and Configure Microservices How to Securely Manage Secrets in Containers (this post) How to Use GitHub Actions to Automate Microservices Canary Releases (coming soon) How to Use OpenTelemetry Tracing to Understand Your Microservices (coming soon) Many of your microservices need secrets to operate securely. Examples of secrets include the private key for an SSL/TLS certificate, an API key to authenticate to another service, or an SSH key for remote login. Proper secrets management requires strictly limiting the contexts where secrets are used to only the places they need to be and preventing secrets from being accessed except when needed. But this practice is often skipped in the rush [ more… ]

[도서] 로블록스로 게임 만들기

2023-03-14 KENNETH 0

[도서] 로블록스로 게임 만들기 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]로블록스로 게임 만들기 박필준 저 | 앤써북 | 2023년 03월 판매가 16,920원 (10%할인) | YES포인트 940원(5%지급) 『로블록스로 게임 만들기』 책은 완전 초보자의 눈높이에서 로블록스 설치부터 루아 코딩 기초, 메타버스 콘텐츠 만들고, 게임 만들고, 배포 수익화까지 단계별로 따라할 수 있도록 구성하였습니다. 『로블록스로 Source: [도서] 로블록스로 게임 만들기

[도서] 취미로 해킹#7(SBP)

2023-03-14 KENNETH 0

[도서] 취미로 해킹#7(SBP) 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]취미로 해킹#7(SBP) 장용하,이동원,권송이,김승일 공저 | BOOKK(부크크) | 2023년 08월 판매가 23,000원 (0%할인) | YES포인트 0원(0%지급) 해킹 대회 연습, 여전히 막막하신가요? “암호학같이 생소한 분야는 손도 못 댈 정도로 어려워요. 풀 수 있게 누가 좀 알려줬으면…” “천재들이 하는 말은 생략된 부분이 많아서 들어도 모르겠어요. 정말 일말 Source: [도서] 취미로 해킹#7(SBP)

No Image

USN-5949-1: Chromium vulnerabilities

2023-03-14 KENNETH 0

USN-5949-1: Chromium vulnerabilities It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0930, CVE-2023-1219, CVE-2023-1220, CVE-2023-1222) It was discovered that Chromium contained an integer overflow in the PDF component. A remote attacker could possibly use this issue to corrupt memory via a crafted PDF file, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0933) It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0941, CVE-2023-0928, CVE-2023-0929, CVE-2023-0931, CVE-2023-1213, CVE-2023-1216, CVE-2023-1218) It was [ more… ]

No Image

USN-5948-1: Werkzeug vulnerabilities

2023-03-14 KENNETH 0

USN-5948-1: Werkzeug vulnerabilities It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookies. (CVE-2023-23934) It was discovered that Werkzeug could be made to process unlimited number of multipart form data parts. A remote attacker could possibly use this issue to cause Werkzeug to consume resources, leading to a denial of service. (CVE-2023-25577) Source: USN-5948-1: Werkzeug vulnerabilities