Hello, welcome to the Friday, June 3, 2016 edition of the Sandsenet Storms and a stormcast. My name is Johannes Ulrich and I am recording from Jacksonville, Florida.

It wasn't long ago that we had a nice diary about forensics in a Docker environment. If you're not familiar with Docker, it's a system that

allows you to isolate processes on Unix machines, essentially sort of halfway between a

change route environment and a virtual machine. But well, when it comes to forensics,

memory forensics and the like is nice to have,

but you're probably going to start by looking at your system logs. And Xavier has a nice blog

post today about how to configure system logs in Docker so you actually can collect them centrally. He's talking here about

Splunk and tools like that. So if you're thinking about implementing Docker already have done,

so take a look at this brief diary. Earlier this week, I talked about how many of the

pre-installed applications that you find on your computers are insecure in

particular when it comes to insecure updates. Well, Lenovo now is taking the consequences

from this report and suggesting that users uninstall the Lenovo accelerator application.

The purpose of this application is to speed up the startup of

Lenovo's own applications, so really not all that important in the first place,

and given that it does suffer from an insecure update, you're probably best of following

Lenovo's advice and uninstalling it.

And Google released another update for Chrome about a week after they leased the last one.

Now this new update fixes a total of seven vulnerabilities, two of which are rated high-end both are

cross-origin bypass vulnerabilities.

And just because you're using a newfangled no-seql database like MongoDB doesn't mean that

you're all for a sudden safe from injection attacks.

These databases suffer from exactly the same attacks as all other databases if you are

...