Cloud Security Alliance News Clipping Site

Tag: server

  • Hacker News: Refresh vs. Long-lived Access Tokens (2023)

    by

    system automation
    in

    Source URL: https://grayduck.mn/2023/04/17/refresh-vs-long-lived-access-tokens/ Source: Hacker News Title: Refresh vs. Long-lived Access Tokens (2023) Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the differences between long-lived access tokens and a combination of long-lived refresh tokens with short-lived access tokens, particularly in the context of OAuth 2.0. It highlights the security benefits of…

  • Hacker News: Listen to the whispers: web timing attacks that work

    by

    system automation
    in

    Source URL: https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work Source: Hacker News Title: Listen to the whispers: web timing attacks that work Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text introduces novel web timing attack techniques capable of breaching server security by exposing hidden vulnerabilities, misconfigurations, and attack surfaces more effectively than previous methods. It emphasizes the practical…

  • The Register: ‘Alarming’ bugs lay low in Ubuntu Server utility for 10 years

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/21/qualys_ubuntu_server_vulnerabilities/ Source: The Register Title: ‘Alarming’ bugs lay low in Ubuntu Server utility for 10 years Feedly Summary: Update now: Qualys says vulnerabilities give root and are ‘easily exploitable’ Researchers at Qualys refuse to release exploit code for five bugs in Ubuntu Server’s needrestart utility that allow unprivileged attackers to gain root access…

  • Simon Willison’s Weblog: TextSynth Server

    by

    system automation
    in

    Source URL: https://simonwillison.net/2024/Nov/21/textsynth-server/ Source: Simon Willison’s Weblog Title: TextSynth Server Feedly Summary: TextSynth Server I’d missed this: Fabrice Bellard (yes, that Fabrice Bellard) has a project called TextSynth Server which he describes like this: ts_server is a web server proposing a REST API to large language models. They can be used for example for text…

  • Hacker News: AWS Lambda PR/FAQ After 10 Years

    by

    system automation
    in

    Source URL: https://www.allthingsdistributed.com/2024/11/aws-lambda-turns-10-a-rare-look-at-the-doc-that-started-it.html Source: Hacker News Title: AWS Lambda PR/FAQ After 10 Years Feedly Summary: Comments AI Summary and Description: Yes Summary: The text details the evolution and features of AWS Lambda, a serverless computing service that enables developers to run their code without the complexities associated with infrastructure management. This information can greatly benefit…

  • Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors…

  • The Register: Microsoft unveils beefy custom AMD chip to crunch HPC workloads on Azure

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/20/microsoft_azure_custom_amd/ Source: The Register Title: Microsoft unveils beefy custom AMD chip to crunch HPC workloads on Azure Feedly Summary: In-house DPU and HSM silicon also shown off Ignite One of the advantages of being a megacorp is that you can customize the silicon that underpins your infrastructure, as Microsoft is demonstrating at this…

  • The Cloudflare Blog: Bigger and badder: how DDoS attack sizes have evolved over the last decade

    by

    system automation
    in

    Source URL: https://blog.cloudflare.com/bigger-and-badder-how-ddos-attack-sizes-have-evolved-over-the-last-decade Source: The Cloudflare Blog Title: Bigger and badder: how DDoS attack sizes have evolved over the last decade Feedly Summary: If we plot the metrics associated with large DDoS attacks observed in the last 10 years, does it show a straight, steady increase in an exponential curve that keeps becoming steeper, or…

  • Hacker News: Let’s Encrypt is 10 years old now

    by

    system automation
    in

    Source URL: https://letsencrypt.org/2014/11/18/announcing-lets-encrypt/ Source: Hacker News Title: Let’s Encrypt is 10 years old now Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the launch of Let’s Encrypt, a free certificate authority aimed at simplifying the process of obtaining TLS certificates to enhance internet security. The initiative champions principles such as free…

  • The Register: European Cloud Competition Observatory created to keep an eye on software licensing

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/20/european_cloud_competition_observatory/ Source: The Register Title: European Cloud Competition Observatory created to keep an eye on software licensing Feedly Summary: Initiative follows Microsoft settlement with CISPE consortium Exclusive The Cloud Infrastructure Services Providers in Europe (CISPE) consortium has launched the European Cloud Competition Observatory (ECCO) to keep an eye on software licensing practices in…