compromise

DevOps’ish 198

Sun Dec 27, 2020 by Chris Short
Weekly, Newsletter, DevOps News, Cloud Native News, 2020 DevOps, security, cloud, cloud native, Apple, Linux, systems, Solarwinds, supply chain, compromise, Microsoft, COVID-19, Intel, theory, DLL, threat, GitOps, Kubernetes, ARM, trace, syscalls, gopher, namespaces, diffs, streams

Remember last week how I said things would be punchier? Well, I updated the DevOps’ish Solarwinds supply chain compromise Index. By the way, Microsoft says it was, “used by a different threat actor.” I wrote the parts of the newsletter below, which are probably helpful. ¯\_(ツ)_/¯ The past few days have been incredibly challenging mentally and physically. I’m not sure if I would do it all the same way again. Read more →

DevOps’ish 197

Sun Dec 20, 2020 by Chris Short
Weekly, Newsletter, DevOps News, Cloud Native News, 2020 Kubernetes, cloud, Solarwinds, compromise, hack, DevOps, Women in Tech, Google, ARM, Linux, WiFi, Docker, Git, cloud native, Red Hat, Apple, security, runtime, Boeing, CKS, container, supply chain, harassment, GitHub, OKRs, FAA, Discord, open source, air gapped, cluster, Cloud Native Computing Foundation, CNCF, CLI, AltaVista, search engine, Solarwinds Orion, OpenShift, GitHub Actions, OpenShift, GitOps, Windows, SSH, remote, scientists, observability, Operator,

This being a holiday break my intros will probably be a little bit shorter than normal. “More punchy” as my first boss at Red Hat would say. Let’s start with the thing with an ever-increasing blast radius: Solarwinds. Solarwinds Supply Chain Compromise For the record, Reuters has been all over this coverage wise. I can’t do them justice. This story has been evolving so rapidly that by the time I hit send, my coverage will be incomplete. Read more →

DevOps’ish Solarwinds supply chain compromise Index

Sun Dec 20, 2020 by Chris Short
Indexes Solarwinds Orion, Solarwinds, supply chain, compromise, hack, DevOps, Microsoft, security, spied, Russia, hackers, spy, backdoored, breach, Orion, CISA, advisory

A one-stop shop for opinion, analysis, and/or coverage of the Solarwinds supply chain compromise. Coverage includes official statements and filings, accredited media coverage, industry analyisis, and noteworthy blogs, digital media, and other mediums as deemed worthwhile. Official Statements Security Advisory | SolarWinds Solarwinds US SEC 8K Mitigate SolarWinds Orion Code Compromise - Emergency Directive 21-01 CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise | CISA Microsoft Internal Solorigate Investigation Update – Microsoft Security Response Center Statement on the story from The New York Times regarding JetBrains and SolarWinds | JetBrains Blog CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS SOLARWINDS CORPORATION, KEVIN B. Read more →

125: Docker Hub Breach, Drupal in Kubernetes, Localize Kubernetes, Get Into Open Source, Apple’s AWS Bill, Hertz Sues Accenture, and Much More

Sun Apr 28, 2019 by Chris Short
Weekly, Newsletter, DevOps News, Cloud Native News, 2019 kubernetes, devops, open source, cloud, tech, github, container, security, system, Docker Hub breach, docker, docker hub, compromise, Docker Inc, Kubernetes Operators

NOTE: Please read my Disclaimer before breaking out the tar and feathers. What a series of unfortunate events for Docker in 2019. In what appeared to be a massive talent flush due to what looks like a potential earnings miss, the Great Docker Culling of 2019 happened. Docker appears to have laid off the vast majority of its well-known talent. Andrea Luzzardi, Sam Alba, and Gareth Rushgrove are among a slew of recent Docker layoffs discussed in this newsletter earlier this year. Read more →