DevOps'ish

DevOps, Cloud Native, Hybrid Cloud, Open Source, industry news, and the ‘ish between.

DevOps’ish 198

Remember last week how I said things would be punchier? Well, I updated the DevOps’ish Solarwinds supply chain compromise Index. By the way, Microsoft says it was, “used by a different threat actor.” I wrote the parts of the newsletter below, which are probably helpful. ¯\_(ツ)_/¯ The past few days have been incredibly challenging mentally and physically. I’m not sure if I would do it all the same way again. Read more →

DevOps’ish 197

This being a holiday break my intros will probably be a little bit shorter than normal. “More punchy” as my first boss at Red Hat would say. Let’s start with the thing with an ever-increasing blast radius: Solarwinds. Solarwinds Supply Chain Compromise For the record, Reuters has been all over this coverage wise. I can’t do them justice. This story has been evolving so rapidly that by the time I hit send, my coverage will be incomplete. Read more →

Solarwinds

DevOps’ish Solarwinds supply chain compromise Index

A one-stop shop for opinion, analysis, and/or coverage of the Solarwinds supply chain compromise. Coverage includes official statements and filings, accredited media coverage, industry analyisis, and noteworthy blogs, digital media, and other mediums as deemed worthwhile. Official Statements Security Advisory | SolarWinds Solarwinds US SEC 8K Mitigate SolarWinds Orion Code Compromise - Emergency Directive 21-01 CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise | CISA Microsoft Internal Solorigate Investigation Update – Microsoft Security Response Center Statement on the story from The New York Times regarding JetBrains and SolarWinds | JetBrains Blog CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS SOLARWINDS CORPORATION, KEVIN B. Read more →

Docker Hub breach impacting at least 190,000 accounts

125: Docker Hub Breach, Drupal in Kubernetes, Localize Kubernetes, Get Into Open Source, Apple’s AWS Bill, Hertz Sues Accenture, and Much More

NOTE: Please read my Disclaimer before breaking out the tar and feathers. What a series of unfortunate events for Docker in 2019. In what appeared to be a massive talent flush due to what looks like a potential earnings miss, the Great Docker Culling of 2019 happened. Docker appears to have laid off the vast majority of its well-known talent. Andrea Luzzardi, Sam Alba, and Gareth Rushgrove are among a slew of recent Docker layoffs discussed in this newsletter earlier this year. Read more →