Latest Posts
Race Conditions – Cloudy with a Chance of R/W Access
Docker Race Condition: CVE-2018-15664 Today, Aleksa Sarai published a Docker vulnerability, CVE-2018-15664, on the oss-sec mailing list. It turns out that a function inside Docker facilitates a TOCTOU bug (more …
Read of “Race Conditions – Cloudy with a Chance of R/W Access”
A Buffer Buffet for Data Sampling
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 Yesterday, three data sampling side channel vulnerabilities were disclosed in Intel CPUs by a whole bunch of smart researchers. Intel is calling them “microarchitectural data sampling” …
Linux Security Fun With Webhooks
At Capsule8, we want to let you work the way you prefer working rather than forcing new workflows on you. To realize this philosophy, we designed Capsule8 to be super …
The Methods to our Madness: How Capsule8’s Detection Methods Work
One of the best weapons in defending against attackers is speed. The ability to detect an attacker’s attempts as soon as it happens, and in turn shut it down before …
Read of “The Methods to our Madness: How Capsule8’s Detection Methods Work”
Search No Further: Capsule8 Supports Google Cloud Security Command Center with Security Partner Integration
Today is another big day for Capsule8. We officially announced that we are included as a Security Partner Integration within the newly launched Google Cloud Security Command Center (Cloud SCC). …
Apache CARPE DIEM: CVE-2019-0211
Recently, Charles Fol blogged about his privilege escalation bug in Apache, CVE-2019-0211, aka “CARPE DIEM” (seize the 0day, comrades!). This affects Apache HTTP Server versions 2.4.17 through version 2.4.38 (from …
Linux Server Monitoring: a Brief Guide
Different Approaches to Linux Host and Process Monitoring In case you hadn’t heard, Linux is a big deal. Linux servers are used in the vast majority of production systems, the …
Between Two Kernels: Halvar Flake – E03
In Episode 3 Kelly chats with Halvar Flake, former Project Zero team member at Google and Co-Founder of optimyze. The two get philosophical about vendor tag lines, characterize his new …
Between Two Kernels: Allan Alford – E02
In Episode 2 of Between Two Kernels Kelly chats with CISO Allan Alford about being the most hated man in his organization, the three biggest mistakes of his life, and …