VSHN.timer #164: Welcome to the Jungle
Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about all the reasons we have to be cautious when using computers of any kind.
1. David Schütz found a vulnerability affecting seemingly all Google Pixel phones where if you gave him any locked Pixel device, he could give it back to you unlocked. The bug just got fixed in the November 5, 2022 security update.
2. Most people are familiar with products like Gmail and Google Meet, but Google Sites is a much lesser-known service. And the Google Sites service, which allows users to create web pages, provides a huge assist to scammers looking to hide under a veil of trustworthiness: a website under the Google.com domain name.
3. Simone Margaritelli became curious about how Logic Pro and Logic Remote were communicating with each other, so he started Wireshark and found that some of the data, such as the client and server names, were transmitted in clear on what seemed to be a custom (and as typical of Apple, undocumented) TCP protocol.
5. This playbook, presented at the OWASP Global AppSec Conference, will help you introduce effective DevSecOps practices in your company. It provides explicit guidance and actionable steps to introduce security controls, measure their effectiveness, and demonstrate value for money to your business leaders.
Have you tried the Google Pixel lock bypass? Have you implemented a DevSecOps program in your organization? Would you like to share some security tips and tricks with our readers? Get in touch with us, and see you next week for another edition of VSHN.timer.
PS2: do you prefer reading VSHN.timer in your favorite RSS reader? Subscribe to this feed.
PS3: would you like to receive VSHN.timer every Monday in your inbox? Sign up for our weekly VSHN.timer newsletter.
- APPUiO Cloud
AppCat Now Standard on All APPUiO Managed OpenShift Clusters on ExoscaleRead more
Watch the Recording of „How to Keep Container Operations Steady and Cost-Effective in 2024“Read more
Zusammenarbeit und Innovation werden gefeiert: VSHN auf dem Red Hat Summit Connect Zürich 2024Read more
Unser Expertenteam steht für dich bereit. Im Notfall auch 24/7.Kontakt