Marc Wickenden (@marcwickenden)'s Twitter Profile
Marc Wickenden

@marcwickenden

Cloud AppSec Bloke. Kubernetes, Go, Python, cycling, YAML engineering. Builder and breaker @4ARMED. It was like that when I found it.

ID: 254259832

Link: https://www.4armed.com

Joined: 18-02-2011 23:18:12

9.9K Tweets

1.1K Followers

1.1K Following

Rory McCune (@raesene):

Carrying out with our #Kubernetes #Security fundamentals video series, this time we're starting to look at the security of Kubernetes APIs youtu.be/cB7RCAAS4ik?si…

Alexander Leslie (@aejleslie):

🚨 👀 - New Recorded Future report! This report examines a recent 🇷🇺 🇧🇾 TAG-70 (Winter Vivern) espionage campaign that exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers used by European government and military organizations. recordedfuture.com/russia-aligned…

Marc Wickenden (@marcwickenden):

Burn! I haven’t checked any of this but I respect Craig so I suspect he has a very valid point. Always been an Istio guy personally but Linkerd is used by more of our clients. On ramp is easier but maybe what lurks beyond is not so great.

Kris McConkey (@smoothimpact):

In September 2022, attendees at the inaugural LABScon heard about an actor I described then as "one of the most prolific, most deeply connected, and most technically advanced actors around". Events this week were a reminder that the video never went out, so here it is 👇

The Shadowserver Foundation (@shadowserver):

If running JetBrains TeamCity on-prem - make sure to patch for latest CVE-2024-27198 (remote auth bypass) & CVE-2024-27199 vulns NOW! We started seeing exploitation activity for CVE-2024-27198 around Mar 4th 22:00 UTC. 16 IPs seen scanning so far. blog.jetbrains.com/teamcity/2024/…

Marc Wickenden (@marcwickenden):

JetBrains’ version of events. Who is right here? JB are trying to do the right thing. Rapid7’s policy is valid re skilled attackers but it’s certain that publishing details arms the skiddies. Can Rapid7 hold vendors hostage? Is it just a self-serving marketing thing?

Marc Wickenden (@marcwickenden):

Toggle user privacy: Backend: Add protobuf spec, compile, add handler, add GraphQL mutation spec, compile, define handler. 5 minutes. Frontend: Add toggle switch that uses mutation on change. 1 hour and counting…. I hate doing front end. 😂