FOLLOW US ON TWITTER

  • 12 JAN 2018

    SECURITY UPDATE: SPECTRE AND MELTDOWN VULNERABILITIES

    SECURITY UPDATE: Spectre and Meltdown vulnerabilities

    Hi ~okeanos-global users,

    Early this month, security researchers reported two critical vulnerabilities: Spectre and Meltdown. These vulnerabilities allow attackers to access sensitive information (such as passwords), due to a design flaw, which affects Intel, ARM and some AMD processors. Specifically, Meltdown allows a process to bypass the mechanisms that isolate it from accessing the memory address space of other processes and the operating system. Respectively, with Spectre a process can access arbitrary memory locations of other related processes.

    In order to protect the virtual machines, the physical nodes of ~okeanos-global have been patched with all the currently available security updates, ... read more

    posted by okeanos on Jan. 12, 2018, 2:32 p.m., filed under all , security , spotlight , cyclades

  • 15 MAY 2017

    SECURITY UPDATE: WANNACRY RANSOMWARE

    Hi ~okeanos-global users,

    There is a rather dangerous ransomware, the WannaCry / Wcry / WannaCrypt ransomware, that has been spreading since Friday, May 12. The ransomware takes advantage of the MS17-010 vulnerability that affects Microsoft Operating Systems.

    In order to protect the virtual machines from exposure to the WannaCry / Wcry / WannaCrypt ransomware, all incoming TCP traffic to ports 137-139 & 445 has been blocked.

    The aforementioned firewall rules were applied to partially prevent the ransomware from spreading. Therefore, we urge you to perform all the necessary updates on your Windows virtual machines.

    For a more thorough ... read more

    posted by okeanos on May 15, 2017, 1:35 p.m., filed under all , security , spotlight , cyclades

  • 17 FEB 2016

    CRITICAL GLIBC VULNERABILITY - RESTART OF VIRTUAL MACHINES

    Hi ~okeanos-global users,

    A new critical vulnerability in glibc has recently been discovered. This security issue is a stack-based buffer overflow problem, which can be exploited by malicious users to execute code remotely. This affects all Linux systems.

    Because of this, we strongly advise you to update immediately the glibc packages in your operating system and restart your virtual machines immediately after the updates.

    In order to update Debian and Debian derivative systems you may execute:

    apt-get update
    apt-get upgrade


    and for CentOS/RHEL:

    yum update

    Take care,
    the ~okeanos-global ... read more

    posted by okeanos on Feb. 17, 2016, 11:19 a.m., filed under all , security , spotlight , cyclades

  • 28 JAN 2015

    CRITICAL GLIBC VULNERABILITY FOUND (GHOST)

    Critical glibc vulnerability found (GHOST)

    Hi ~okeanos-global users,

    As some of you might have heard, a new glibc vulnerability has been found. It has been named GHOST (CVE 2015-0235) and affects most Linux systems. You can find a detailed description of this vulnerability here. From the ~okeanos-global images that we provide at this moment, the affected ones are the following:

    • (K)Ubuntu, prior to version 14.04
    • Debian, all versions
    • CentOS, all versions
    • Oracle Linux, all versions

    On our part, we have updated our own systems, but you are strongly advised to update your VMs too [1]. ... read more

    posted by okeanos on Jan. 28, 2015, 12:22 p.m., filed under all , security , spotlight , cyclades

  • 10 APR 2014

    ABOUT THE HEARTBLEED BUG

    Have you checked your heart lately? Good.
    How about your OpenSSL library? No? Well, you should.


    There is a rather dangerous OpenSSL bug on the wild, that affects versions 1.0.1 to 1.0.1f (inclusive). Briefly, all services that employ HTTPS and use the buggy OpenSSL library are exposed to sensitive information leaks. Passwords, certificates and just about anything you want to keep private can be stolen. For a more thorough explanation on this subject, we suggest you read this site, which has all the information you need.

    The ... read more

    posted by helpdesk on April 10, 2014, 4:17 p.m., filed under all , security , spotlight , cyclades