#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Suse Linux | Breaking Cybersecurity News | The Hacker News

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts

Feb 12, 2019
A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system. The vulnerability, identified as  CVE-2019-5736 , was discovered by open source security researchers Adam Iwaniuk and Borys PopÅ‚awski and publicly disclosed by Aleksa Sarai, a senior software engineer and runC maintainer at SUSE Linux GmbH on Monday. The flaw resides in runC—a lightweight low-level command-line tool for spawning and running containers, an operating-system-level virtualization method for running multiple isolated systems on a host using a single kernel. Originally created by Docker, runC is the default container run-time for Docker, Kubernetes, ContainerD, CRI-O, and other container-dependent programs, and is widely being used by major cloud hosting and server providers. runC Containe
SUSE Linux Has Been Sold For $2.5 Billion

SUSE Linux Has Been Sold For $2.5 Billion

Jul 03, 2018
SUSE, the open source software company owned by British firm Micro Focus International, has been sold to a Swedish private equity firm. Yes, SUSE Linux and its associated software business has finally been acquired by EQT Partners for $2.535 billion, lifting its shares 6 percent. SUSE is one of the oldest open source companies and perhaps the first to provide enterprise-grade Linux software service to banks, universities and government agencies around the world. Since its foundation in 1992, SUSE has changed ownership multiple times. US-based software company Novell acquired SUSE for $120 million in November 2003 to compete with Microsoft in the operating system market. However, things did not work as the company thought and Novell in turn itself was acquired by another US-based company The Attachmate Group for $2.2 billion in 2011. Three years later, Micro Focus International acquired Attachmate for $2.35 billion in 2014. Since then SUSE Linux has been part of Micro Focus
SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework

Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a
Cybersecurity Resources