SaltStack recommends immediate patching after their disclosure of three new vulnerabilities, two of which are rated critical and can be remotely exploited without authentication. Background On October 30, SaltStack published a pre-announcement advisory regarding three new vulnerabilities which had been discovered in Salt versions 3002 and earlier. The pre-announcement advisory stated that two of the vulnerabilities were likely to be rated high or critical severity and that updates would be released on November 3. In…

2020 has seen IT executives dealing with major disruptions, and many are still uncertain about what IT will be like on the other side of the worldwide health crisis. Aside from supporting work-from-home initiatives, rolling out digital initiatives, and meeting rising ecommerce demands, CIOs must process the past several months to determine what projects the should take on to ensure their IT infrastructure is where it needs to be to meet the needs of a…

The gradual enforcement of the Docker Hub progressive rate limiting enforcement on container image pulls for anonymous and free users began Monday, November 2nd. The next three hour enforcement window on Wednesday, November 4th from 9am to 12 noon Pacific time. During this window, the eventual final limit of 100 container pull requests per six hours for unauthenticated users and 200 for free users with Docker IDs will be enforced. After that window, the limit…

There are new and expanding opportunities for women’s participation in cybersecurity globally as women are present in greater numbers in leadership. In recent years, the international community has recognized the important contributions of women to cybersecurity, however, equal representation of women is nowhere near a reality, especially at senior levels. The RSA Conference USA 2019 held in San Francisco — which is the world’s largest cybersecurity event with more than 40,000 people and 740 speakers —…