Tag Archives: Kubernetes

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report.

Alternative video link (for Russia): https://vk.com/video-149273431_456239106

Continue reading

First steps with Docker: installation in CentOS 7, vulnerability assessment, interactive mode and saving changes

Docker and containerization are literally everywhere. IMHO, this changes the IT landscape much more than virtualization and clouds. Let’s say you have a host, you checked it and find out that there are no vulnerable packages. But what’s the point if this host runs Docker containers with their own packages that may be vulnerable? Add to this the issues with complex orchestration systems, such as Kubernetes, completely different DevOps subculture with their own terms, slang, beliefs, priorities, and the situation begins to look like complete IT Hell. 🙂

First steps with Docker

But it seems that Docker will be here for a long time, so we will have to live with it. 😉 Here I will not write what Docker is and how it works. There are many publications about this. I personally interested in what actually we can do with these weird “virtual machines”, how can we run and assess them.

Continue reading

VB-Trend 2018 Splunk Conference

Today I attended VB-Trend 2018 Splunk conference organized by system integrator VolgaBlob.

VB-Trend 2018

Video fragments from the event:

Comparing to “Splunk Discovery Day“, the conference was much smaller (less than 100 people), focused on technical aspects, Information Security and informal communication. And I need to say that there really was a lot of talks with colleagues from different companies, not only about Splunk, but also about Vulnerability Management, Application Security and Container Security.

Continue reading