cybersecurity

5183 readers

13 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

Years-old bugs in open source took out major clouds at risk • The Register (www.theregister.com)

submitted 3 days ago by cm0002@suppo.fi to c/cybersecurity

0 comments fedilink hide all child comments

A series of "trivial-to-exploit" vulnerabilities in Fluent Bit, an open source log collection tool that runs in every major cloud and AI lab, was left open for years, giving attackers an exploit chain to completely disrupt cloud services and alter data.

The Oligo Security research team found the five vulnerabilities and - in coordination with the project's maintainers - on Monday published details about the bugs that allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here