VSHN.timer #84: Under Attack

22 March 2021

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.

This week we’re going to talk about security vulnerabilities that have recently shaken up the software landscape.

1. We’re only three months into 2021 and it feels like all systems were breached already: 0-days, SolarWinds, Microsoft Exchange… And thanks to the “sudo” flaw (aka CVE-2021-3156), pretty much every Unix-like operating system was compromised. We hope you have secured your RHEL servers, your OpenShift clusters, and even your macOS.

https://www.openshift.com/blog/what-red-hat-openshift-dedicated-and-azure-red-hat-openshift-customers-should-know-about-the-january-2021-sudo-flaw

2. Did you know that Stack Overflow suffered a week-long breach in 2019? This article contains the full story, including the whole trace of activities of the attacker, and all the mitigation measures required to solve the issue. TL;DR: great advice at the end of the article.

https://www.zdnet.com/article/stack-overflow-heres-what-happened-when-we-were-hacked-back-in-2019/

3. Unsurprisingly, Kubernetes deployments aren’t exempt from being targets of attacks. Besides using audit logs to detect threats, it is a good idea to learn how to use seccomp properly to secure Docker and Kubernetes to the maximum.

https://martinheinz.dev/blog/41

4. Software distribution platforms are preferred targets for attack; a few weeks ago, somebody stole the perl.com domain from its rightful owners and pointed it to an IP address long known for delivering malware. Yikes.

https://www.bleepingcomputer.com/news/security/perlcom-domain-stolen-now-using-ip-address-tied-to-malware/

5. Two-Factor Authentication (aka 2FA) is one of the main lines of defense for users of online services. But are we using it properly? Do we really understand what it means, and how to avoid common traps? Maybe not.

https://shkspr.mobi/blog/2021/01/thats-not-how-2fa-works/

Have you set up 2FA in your online accounts? Which password manager do you use? Would you like to share some security best practices with the community? Get in touch with us, and see you next week for another edition of VSHN.timer.

PS: would you like to receive VSHN.timer every Monday in your inbox? Sign up for our weekly VSHN.timer newsletter.

PS2: check out our previous VSHN.timer editions about security: #8, #17, #22, #27, #32, #44, #54, #62, and #76.

Adrian Kosmaczewski

Adrian Kosmaczewski is responsible for Developer Relations at VSHN. He has been a software developer since 1996, and is a trainer and published author. Adrian holds a Master's degree in Information Technology from the University of Liverpool.
