This is the second part of a blog series, here is part one. We’ve previously found that the bastion is not your usual SSH jumphost (in fact, we found it is not a jumphost at all) and we discussed how the delegation was one of the core features we’d originally needed. So, let’s dive into […]
The OVHcloud SSH Bastion – Part 2: delegation dizziness Read More »
Bastion? Are we talking about the indie game? Not this time! (albeit it’s a good game!). At OVHcloud, a fair amount of our infrastructures are built on top of Linux boxes. We have a lot of different flavours; such as Debian, Ubuntu, Red Hat… and the list goes on. We even had good old Gentoos
The OVHcloud Bastion – Part 1 Read More »
With confinement measures now being enforced in an increasing number of countries, we can really see the extent to which technology helps us combat isolation. Technology is what enables us to continue studying, stay in touch with those we care about, and keep ourselves entertained. We are even seeing the emergence of new ways to
Confinement and remote working — don’t overlook your data security Read More »
On 20th March 2020, ENISA (the European Union Agency for Cybersecurity) published an article calling for vigilance from both companies and individuals, following scam attempts that are capitalising on the COVID-19 healthcare crisis. Various organisations such as ANSSI (the National Cybersecurity Agency of France), the NCSC (National Cyber Security Center), and CISA (Cybersecurity And Infrastructure
Protect Yourself, And Protect Your IT Infrastructure Read More »
Recently, a previously-identified CVE (Common Vulnerabilities and Exposures) security breach, CVE-2017-9841, was thrust back into the spotlight, thanks to PrestaShop‘s security alert. Unfortunately, it’s already been exploited ‘in the wild’ for a while now. What are the risks ? The CVE-2017-9841 vulnerability lets a malicious user remotely run PHP code on fallible websites, by exploiting
CVE-2017-9841: What is it, and how do we protect our customers? Read More »
On June 18th 2019 at 7pm CEST, 4 vulnerabilities have been disclosed affecting the TCP stack of the Linux kernel. These vulnerabilities relies on an integer overflow in the Linux kernel which can lead to a kernel panic on one hand, and on an algorithmic complexity in the SACK implementation leading to CPU resource exhaustion
Linux Kernel Vulnerabilities Affecting The Selective ACK Component Read More »
On June 11th, security researchers published a paper titled “RAMBleed Reading Bits in Memory without Accessing Them”. This paper describes vector against Dynamic Random Access Memory (DRAM) modules that are already susceptible toRowhammer-style attacks. Systems using DRAM modules mitigated against Rowhammer style attacks remain protected from RAMBleed. This vector may affects hardware products, among which some used by OVH.
Like all the players from the IT sector, OVH has been informed on May 14, 2019 of security vulnerabilities following the discovery of hardware vulnerabilities on Intel processors. These new vulnerabilities are similar to previous spectrum and meltdown vulnerabilities and affect Intel’s microprocessors, which are part of the components used by OVH. Researchers have shown
Intel vulnerabilities Read More »
Plusieurs millions de sites et applications web s’appuient aujourd’hui sur les services d’Hébergement Web d’OVH (aussi connus sous l’ancienne appellation d’hébergements mutualisés). Assez logiquement, l’infrastructure est la cible constante de bots malveillants, qui scannent les sites de nos utilisateurs à la recherche de failles de sécurité. Des failles exploitées pour insérer des scripts dans le code des
Durant un peu plus d’une semaine, OVH a été sous le feu des caméras. D’un côté, des centaines de milliers de caméras IP compromises, utilisées pour générer la semaine du 19 septembre la plus importante attaque DDoS jamais enregistrée (et à laquelle OVH a bien résisté). De l’autre, les caméras et micros des journalistes du monde
La goutte DDoS n’a pas fait déborder le VAC* Read More »
