Expanding the Availability of CIS Hardened Images on Oracle

Some IT and security leaders lack confidence in their ability to secure their workloads in the cloud. That's not necessarily affecting public cloud spending. According to Gartner, global end-user spending on public cloud services will reach $591.8 billion in 2023. The benefits of cloud computing are simply too compelling to slow down. As you only need to pay for what you use in the cloud, you can spare yourself from needing to invest in infrastructure upfront. Cloud computing also gives you a quick way to "Fail-over" to cloud-based backup systems and data if your physical data center suffers a disaster. We want to help make your cloud workloads as secure as possible. To help you out, the Center for Internet Security has worked with Oracle Cloud Marketplace to expand the international availability of our CIS Hardened Images. Our CIS Hardened Images have been available on the Oracle Cloud Marketplace for a while now. If you've spun one up, you know that you can use one of these virtual machine images to secure your systems operating in the Oracle Cloud. That's because CIS Hardened Images are pre-hardened to the security recommendations of the CIS Benchmarks. We're constantly working to give you greater access to our CIS Hardened Images on the Oracle Cloud Marketplace. As of November 2022, they were available primarily in the United States. This meant that users operating outside of the United States weren't able to use them. Oracle Cloud Marketplace has enabled us as sellers to provide CIS Hardened Images in the United Kingdom, Canada, and Brazil. We've worked with Oracle on this effort to help users in those regions spin up CIS Hardened Images on Oracle Cloud Marketplace. Best of all, if you operate in the United Kingdom, Canada, or Brazil, you will be able to pay for a CIS Hardened Image on Oracle Cloud Marketplace in USD or local currency. This helps to make migrating to the cloud and securing your cloud-based systems as easy as possible. Cybersecurity is a global effort, and it's an ongoing one at that. If you operate in Canada, the United Kingdom, or Brazil, we encourage you to spin up one of our CIS Hardened Images so that you can continue to manage your workloads in the cloud with confidence.

This Cyber News was published on www.cisecurity.org. Publication date: Wed, 01 Feb 2023 11:16:02 +0000

Cyber News related to Expanding the Availability of CIS Hardened Images on Oracle

Expanding the Availability of CIS Hardened Images on Oracle - Some IT and security leaders lack confidence in their ability to secure their workloads in the cloud. That's not necessarily affecting public cloud spending. According to Gartner, global end-user spending on public cloud services will reach $591.8 ...
1 year ago Cisecurity.org

CIS Establishes the Alan Paller Laureate Program - Alan Paller, co-founder of the Center for Internet Security and internationally recognized leader in cybersecurity, passed away suddenly in 2021. His passing was a big loss for CIS, as Alan had helped guide CIS for over 20 years. In 1999, he had ...
1 year ago Cisecurity.org

What Is Patch Management? - Containers are created using a container image, and a container image is created using a Dockerfile/Containerfile that includes instructions for building an image. Considering the patch management and vulnerability management for containers, let's ...
4 months ago Feeds.dzone.com

Latest Release of CIS Security Standards for February 2023 - We are delighted to announce the release of the new CIS pfSense Firewall Benchmark v1.0.0! We would like to express our gratitude to Touhid Shaikh and Daniel Brown for their hard work and communication which made this release possible. CIS ...
1 year ago Cisecurity.org

CVE-2016-0635 - Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, ...
5 years ago

Docker Image Building Best Practices - Starting with a basic, minimum image is essential when creating Docker images. They let you utilize numerous Docker images throughout the build process, which helps to reduce the size of the final image by removing unneeded build artifacts. Docker ...
6 months ago Feeds.dzone.com

Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
1 year ago Securityweek.com

The AI-Generated Child Abuse Nightmare Is Here - Over the course of September, analysts at the IWF focused on one dark web CSAM forum, which it does not name, that generally focuses on "Softcore imagery" and imagery of girls. Within a newer AI section of the forum, a total of 20,254 AI-generated ...
7 months ago Wired.com

but that doesn't mean we shouldn't be concerned - These images, believed to be created using Microsoft Designer, garnered widespread attention and highlighted the ever-growing challenge of AI-generated fake pornography. As these images rapidly spread across the platform, the incident not only ...
5 months ago Blog.avast.com

Accelerate essential cyber hygiene for your small business - Cyber threat actors are increasingly setting their sights on small businesses. If successful, their attack attempts can be devastating. IG1 is one of three Implementation Groups of the CIS Controls. It's special because it lists fundamental steps ...
5 months ago Helpnetsecurity.com

Vulnerability Summary for the Week of January 15, 2024 - This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program. Successful attacks require human interaction from a ...
5 months ago Cisa.gov

CVE-2009-1993 - Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE. Per: ...
11 years ago

Virustotal Shares New Ideas to Track Threat Actors - In a recent presentation at the FIRST CTI in Berlin and Botconf in Nice, VirusTotal unveiled innovative methods to track adversary activity by focusing on images and artifacts used during the initial stages of the kill chain. Traditionally, threat ...
1 month ago Cybersecuritynews.com

CVE-2023-22041 - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle ...
5 months ago

CVE-2024-20952 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; ...
5 months ago Tenable.com

CVE-2024-20918 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle ...
5 months ago Tenable.com

CVE-2024-20945 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; ...
4 months ago

Vulnerability Summary for the Week of February 12, 2024 - Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise ...
4 months ago Cisa.gov

CVE-2023-22036 - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM ...
5 months ago

CVE-2023-22081 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle ...
4 months ago

CVE-2024-21011 - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; ...
2 months ago Tenable.com

Misconfiguration and vulnerabilities biggest risks in cloud security: Report - The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed ...
1 year ago Csoonline.com

CVE-2023-22746 - CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a ...
1 year ago

Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
5 months ago Helpnetsecurity.com

Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024 - As of Jun 30, 2024, the Red Hat Enterprise Linux 7 maintenance support 2 phase ends and Red Hat will no longer update compliance content for RHEL 7. Many policy providers, such as CIS and DISA, will no longer update their policies once maintenance ...
2 months ago Redhat.com

Latest Cyber News

CVE-2023-24531 - 12 minutes ago
CVE-2022-30636 - 12 minutes ago
Three Ways to Chill Attacks on Snowflake - 1 hour ago
CVE-2024-4708 - 2 hours ago
CVE-2024-6387 - 2 hours ago
CVE-2024-2199 - 2 hours ago
CVE-2024-3657 - 2 hours ago
CVE-2023-7250 - 2 hours ago
CVE-2024-6453 - 3 hours ago
CVE-2024-24791 - 3 hours ago
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication - 3 hours ago
5 ChromeOS settings you should change for a more secure Chromebook - 4 hours ago
TechCrunch is part of the Yahoo family of brands - 4 hours ago
CVE-2024-39326 - 4 hours ago
CVE-2024-39325 - 4 hours ago
CVE-2024-39324 - 4 hours ago
CVE-2024-39322 - 4 hours ago
CVE-2022-29622 - 4 hours ago
CVE-2021-42860 - 4 hours ago
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach - 5 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-6453 - 3 hours ago
CVE-2024-24791 - 3 hours ago
CVE-2024-4708 - 2 hours ago
Three Ways to Chill Attacks on Snowflake - 1 hour ago
CVE-2024-6452 - 5 hours ago
CVE-2024-39315 - 5 hours ago
CVE-2024-38537 - 5 hours ago
CVE-2023-24531 - 12 minutes ago
CVE-2022-30636 - 12 minutes ago
CVE-2024-39326 - 4 hours ago
CVE-2024-39325 - 4 hours ago
CVE-2024-39324 - 4 hours ago
CVE-2024-39322 - 4 hours ago
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication - 3 hours ago
TechCrunch is part of the Yahoo family of brands - 4 hours ago
5 ChromeOS settings you should change for a more secure Chromebook - 4 hours ago
CVE-2024-6381 - 7 hours ago
CVE-2024-39894 - 7 hours ago
CVE-2024-39206 - 7 hours ago
CVE-2024-6341 - 7 hours ago