Security

Meltdown and Spectre Vulnerabilities – Big Threats

meltdown-spectre

Meltdown and Spectre Vulnerabilities have made 80% of servers as Vulnerable in overnight, thanks to  Google Project Zero team and other security researchers who have brought such a worst vulnerabilities to the world (At least now). Meltdown vulnerability basically melts security boundaries which are normally enforced by the hardware (CPU).  Spectre name is based on the root cause, “speculative execution”. Spectre is harder to exploit …

Read More »

Shellshock bug – vulnerability on Bash shell

Millions of computers are using bash shell (command interpreter ). New security flaw has been found on bash(Bash Code Injection Vulnerability (CVE-2014-6271) and it allows attackers  can take the system control remotely. Heartbleed wave was just over on last april (Openssl vulnerability ).Is Shell-shock hurts more than Heartbleed ? Off-course  Yes. Heartbleed was all about sniffing the system memory but Shellshock  has opened the …

Read More »

How to reduce the Security risk in Solaris ? – Generic OS Hardening steps

Is your Solaris environment is secure enough ? How can we tighten the system security ? Here we will see some basic  Hardening steps for Solaris OS.Every organization should maintain hardening checklists of each operating systems which they are using it.Before server is bringing to operation/production, hardening check list needs to be verified by support team who supports the server.     …

Read More »