posted by Syed Jaffri init by Y Avrahami December 21, 2020 at 3:30 PM Category: Cloud, Unit 42 Tags: CVE-2020-8554, Kubernetes, Prisma Cloud, vulnerabilities Executive Summary On Dec. 4, 2020, the Kubernetes Product Security Committee disclosed a new Kubernetes vulnerability assigned CVE-2020-8554. It is a medium severity issue affecting all Kubernetes versions and is currently unpatched. CVE-2020-8554 is a design flaw that allows Kubernetes Services […]

Read More Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554)

Introduction If you are like me and have to work with many Azure subscriptions with Azure CLI, you must have reached the point where you got tired of inner dialogs and commands like the following… Which subscription am I right now?az account show -o table Okay, but I want to switch to that DEV subscription… but […]

Read More How to quickly switch between multiple Azure subscriptions

This blog post was originally released on 08/26/20. What’s worse than an unsafe private key? An unsafe public key. The “secure” in secure shell comes from the combination of hashing, symmetric encryption, and asymmetric encryption. Together, SSH uses cryptographic primitives to safely connect clients and servers. In the 25 years since its founding, computing power […]

Read More Comparing SSH Keys – RSA, DSA, ECDSA, or EdDSA?

This brief tutorial shows students and new users how to install Ansible with AWX on Ubuntu 18.04 | 16.04. Ansible is an open source software provisioning, configuration management, and application-deployment tool that allows configuration managers painless process to manage and deploy applications and services across diverse environments. AWX provides a web-based user interface, REST API, and […]

Read More How to Install Ansible with AWX on Ubuntu 18.04 | 16.04

For today’s mobile network operators the concept of NFV ie., is the implementation of network functions in software that can run on a range of generic server hardware, and that can be instantiated in various locations in the network, without the need for installation of new equipment) is fast moving from a nice-to-consider into a […]

Read More Don’t Fear Network Function Virtualization

Reverse SSH Port Forwarding specifies that the given port on the remote server host is to be forwarded to the given host and port on the local side. To try to put this as simple as can be, Reverse SSH is a technique through which you can access systems that are behind a firewall from […]

Read More Back Door

10 Pillars of Business Operations When I tell someone I do ‘business operations’, nine out of ten times the reaction is ‘and what is that?’. Business operations has been an emerging role, but is not as prominent as other operations role such as Marketing Operations, Sales Operations or even Product Operations. I have talked to […]

Read More What I Learned from 50 Business Operations Job Descriptions

CI/CD enables the best tech companies to improve their products many times per day. Here’s what you need to know to do the same. What is CI/CD? CI/CD is a way of developing software in which you’re able to release updates at any time in a sustainable way. When changing code is routine, development cycles […]

Read More CI/CD: Continuous Integration & Delivery Explained

I’ve selected useful and must-have tools for CTF games and computer security competitions. Most of this tools are often indispensable during the games (especially task-based/jeopardy CTF games). I’ve combined tools by categories just like in CTF games: Reverse, Steganography, Networking, Forensics, Cryptography, Scripting. Most of tools are cross-platform, but some of them are only for Windows or […]

Read More USEFUL TOOLS FOR CTF