security

Finding Vulnerabilities Using eBPF Probes in Python Using ARVOS

We explored the functionality, accuracy, performance and usability of function call tracing in Python using ARVOS to detect the runtime usage of known vulnerable code. We found that the approach is functional with 100% accuracy, but with an unfortunate 50% decrease in the performance of the traced application.
Kubernetes security flaw CVE-2018-1002105

Kubernetes security flaw (CVE-2018-1002105)

A very serious security flaw (CVE-2018-1002105) has just been found and patched for Kubernetes. It affects versions prior to v1.10.11, v1.11.5, and v1.12.3. The newly…