« Previous 1 2 3 4 Next »

News for Admins

Tech News

Civil Infrastructure Platform Adds New Super-Long-Term Linux Kernel

The Civil Infrastructure Platform (CIP) (https://www.cip-project.org/) has added the 6.1-based Linux kernel series to its super-long-term stable (SLTS) kernel program, which means the project is committed to maintaining the 6.1-cip kernel for a minimum of 10 years after its initial release.

Separate from the Linux kernel project, which recently announced that long-term support (LTS) for Linux kernels would be reduced (https://www.fosslife.org/linux-long-term-support-being-cut-back) from six to two years, the CIP clearly has a different mission. The SLTS program is part of CIP's efforts to establish "an open source base layer of industrial grade Linux to enable the use and implementation of software building blocks for civil infrastructure."

Additionally, the announcement notes, "CIP kernels are maintained like regular long-term-stable (LTS) kernels, and developers of the CIP kernel are also involved in LTS kernel review and testing." Other kernels in the program include 4.4-cip, 4.19-cip, and 5.10-cip.

HTTP/2 Protocol Exploited in Largest DDoS Attack Ever

Google, Cloudflare, and Amazon Web Services have revealed a new zero-day vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2023-44487) known as "HTTP/2 Rapid Reset."

Attacks exploiting the vulnerability targeted cloud and Internet infrastructure providers and peaked in August. "These attacks were significantly larger than any previously reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second," Google says (https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps).

The attack used a novel "Rapid Reset" technique leveraging the stream multiplexing feature of the widely implemented HTTP/2 protocol (https://http2.github.io/).

See further analysis at Google Cloud (https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack).

Docker Announces Three New Products for Secure App Delivery

Docker has announced three products aimed at secure app delivery: Docker Scout GA, Docker Build, and Docker Debug.

According to the announcement, "the products combine the responsiveness and convenience of local development with the on-demand resources, connectedness, and collaboration of the cloud."

Docker Scout is now generally available, while the other products are available in public beta:

  • Docker Scout – Provides relevant insights and integration to continuously evaluate container images against defined policies, aligned with software supply chain best practices.
  • Docker Build – Speeds up builds by as much as 39 times by taking advantage of large, on-demand cloud-based servers and team-wide build caching.
  • Docker Debug – Provides a language-independent, integrated toolbox for debugging local and remote containerized apps.

Learn more at Docker (https://www.docker.com/blog/announcing-docker-scout-ga/).

« Previous 1 2 3 4 Next »

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • News for Admins
    In the news: NIST Updates Cybersecurity Framework; Poor Cloud Security Practices Put Organizations at Risk; ORNL and NOAA Launch New Supercomputer for Climate Research; DOE Envisions New High Performance Data Facility; VMware Updates Tanzu with New Security Features; Microsoft Launches AI-Powered Security Copilot; IBM Deploys First Quantum Computer Dedicated to Healthcare Research; LPI Announces IT Security Essentials Certification
    more »
  • News for Admins
    In the news:Open Source AI Definition Now Available; Sysdig Report Highlights LLMjacking and Other Security Threats; Microsoft Releases OpenHCL, an Open Source Paravisor; NASA Moves Forward with Lunar Time Zone; Open Source Malware on the Rise, According to Sonatype Report; Six Principles of Operational Technology Cybersecurity Released; New Password Rules Recommended by NIST; OpenSSH 9.9 Released; Docker Updates Usage Plans.
    more »
  • NIST Releases Draft of Cybersecurity Security Framework v2.0
    more »
  • NIST Releases Major New Version of Cybersecurity Framework
    more »
  • News for Admins
    In the news: CIQ Offers Long-Term Support for Rocky Linux on AWS; Apple's PQ3 Brings Post-Quantum Security to iMessage; Google Open Sources Magika File-Type Detection System; Microsoft Announces Sudo for Windows; Linux Foundation Launches Post-Quantum Cryptography Alliance; Sys Admins Saw the Biggest Average Salary Increase in 2023, According to Dice; Use of Open Source Software Increased Significantly in 2023; Docker Build Cloud Announced; Wi-Fi CERTIFIED 7 Announced; EU Commissions Nostradamus Project for Quantum Testing; and NIST Identifies Main Types of Adversarial Machine Learning Threats, GitLab Announces Critical Security Releases.
    more »
comments powered by Disqus