Tag

Appsec

Browsing

With recent explosion of Kubernetes adoption and Wallarm’s consistent effort to deliver Kubernetes native security offerings, I feel tremendous confidence in our collective ability to stay ahead of the emerging threats in the cloud native ecosystem.

Hundreds of millions of people using everyday platforms could be at risk. One of the most popular server-side web programming languages, Hypertext Preprocessor (PHP) was discovered to be at high risk for attacks. Patches for high-severity vulnerabilities have been released. Without a protective system like a smart WAF or a patch in place, those vulnerabilities could open the door for remote attacks that compromise servers through arbitrary code execution.

If you are a SecOps or DevOps professional on the west coast you can not miss the premier California application security event: AppSec California, January 22–25th in Santa Monica. Here are testimonials from the previous AppSec Cali events: “I’m looking forward to AppSecCali next week. Last year was awesome. This year looks even better!” — @jeremiahg “I think AppSecCali was one of the best conferences I have been to. Talks were good. Venue was awesome and atmosphere…

Today we will explore an exciting method to remotely execute code even if an administrator set disable_functions in the PHP configuration file. It works at most popular UNIX-like systems. CVE-2018–19518 was assigned to the vulnerability was found by a man with the @crlf nickname. Let’s see details of that vulnerability and how can we exploit it. Testing Environment For testing manipulations, we need to up a testing environment. I’ll use docker container with Debian 9…

November was a scary month in California. After four years of drought, the forests and towns in the northern part of the state exploded into wildfires, displacing thousands of residents and destroying millions of dollars of property. The foul air in San Francisco and the surrounding areas was a sordid reminder of the ordeal and a warning that once adverse conditions exist disaster can strike at any point. We can’t help but draw parallels between…