A serious vulnerability in RunC—the primary container runtime for Docker, Kurbernetes, and more—allows a malicious container to run arbitrary code as root on the host. This is a pretty critical vulnerability, especially for anyone that offers public access to containers. Watch today’s quick, snowpocalypse video to learn more about this flaw, and go get the patch immediately if … [Read more...]

Six month ago I warned you about upcoming changes in the way Google Chrome handles non-HTTPS sites. Today is the day for that update. Chrome users, watch today's video to know what to expect with the popular browser today, and why you might see "Not Secure" more often than you expect.  Episode Runtime: 1:34 Direct YouTube … [Read more...]

Last Tuesday, Microsoft and Adobe released all their security patches for March. The updates fix a ton of flaws in Windows, IE and Edge, Office, Adobe Flash, and much more. Some of Microsoft's updates continue to fix the Meltdown and Spectre chipset issues, and the Adobe updates fix some serious flaws in Flash player. If you use any of these products, you should patch … [Read more...]

Apache Struts is an open source framework for developing Java web applications. It's also very popular, and used by many large organizations. Recently, a researcher found a serious vulnerability in Apache Struts that affects all the latest versions. Watch the video below for a quick summary, and if you use Struts, be sure to go download, test, and apply the proper update … [Read more...]

Last week, I couldn't make many videos due to travel and offsite business meetings. One of the topics I missed was Microsoft and Adobe's monthly Patch Day, which falls on the second Tuesday of every month. Hopefully, you've already fallen into a regular cadence of patching each month after Microsoft and Adobe release their cyclical security updates. However, if you haven't … [Read more...]