1_r/devopsish

54643 bookmarks

Custom sorting

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma

Learn about a new, targeted backdoor supply chain attack against the popular XZ compression utility seen in many Linux distributions such as fedora and debian. Understand it's impact, potential risks and what you can do about it.

·blog.sonatype.com·Apr 1, 2024

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma

Rust developers at Google twice as productive as C++ teams

Code shines up nicely in production, says Chocolate Factory's Bergstrom

·theregister.com·Apr 1, 2024

Rust developers at Google twice as productive as C++ teams

Linux xz Backdoor Damage Could Be Greater Than Feared

A mysterious contributor who planted the backdoor helped maintain the widely used xz compression library for the past two years. So what else was hidden in there?

·thenewstack.io·Apr 1, 2024

Linux xz Backdoor Damage Could Be Greater Than Feared

The xz-utils backdoor in security advisories by national CSIRTs

The xz-utils backdoor in security advisories by national CSIRTs, Author: Jan Kopriva

·isc.sans.edu·Apr 1, 2024

The xz-utils backdoor in security advisories by national CSIRTs

EV buyers want SUVs and sedans, not minivans or trucks, survey says

There's also a wide spread when it comes to acceptable range, Edmunds found.

·arstechnica.com·Apr 1, 2024

EV buyers want SUVs and sedans, not minivans or trucks, survey says

I did not make this | ❌ SSPL is BAD ❌

·ssplisbad.com·Mar 31, 2024

I did not make this | ❌ SSPL is BAD ❌

Linux Foundation Backs 'Valkey' Open Source Fork of Redis

Redis CEO scoffs at the fork, characterizing it as an underhanded ploy of the cloud providers to avoid paying licensing fees.

·thenewstack.io·Mar 31, 2024

Linux Foundation Backs 'Valkey' Open Source Fork of Redis

Kubernetes and AI: Are They a Fit?

At KubeCon Europe, we heard a lot about the current and future relationship of AI and Kubernetes, the orchestrator originally built to be stateless.

·thenewstack.io·Mar 31, 2024

Kubernetes and AI: Are They a Fit?

valkey-io/valkey: A new project to resume development on the formerly open-source Redis project.

A new project to resume development on the formerly open-source Redis project. - valkey-io/valkey

·github.com·Mar 31, 2024

valkey-io/valkey: A new project to resume development on the formerly open-source Redis project.

Kyiv races to build defensive lines as it braces for Russian offensive | Semafor

Ukraine is building 1,200 miles of fortifications. Some military officials are asking why work didn't start months ago.

·semafor.com·Mar 31, 2024

Kyiv races to build defensive lines as it braces for Russian offensive | Semafor

JetBrains fixes 26 'security problems,' offering no details

Vendor takes hardline approach to patch disclosure to new levels

·theregister.com·Mar 31, 2024

JetBrains fixes 26 'security problems,' offering no details

GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands

While the uutils Rust-written Coreutils effort has been chugging along, the upstream GNU Coreutils effort is showing no signs of slowing down

·phoronix.com·Mar 31, 2024

GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands

Can Military Veterans Alleviate Your Tech Team Hiring Woes?

Hidden skills can include adaptability, public speaking and a knack for documentation.

·thenewstack.io·Mar 31, 2024

Can Military Veterans Alleviate Your Tech Team Hiring Woes?

BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet - Liliputing

BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet

·liliputing.com·Mar 31, 2024

BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet - Liliputing

I was just able to make a commit as this person, in my own repository

BTW, I am not saying that this is what happened in the #xz backdoor case, but what does not help is, github makes it quite trivial to spoof user accounts... I was just able to make a commit as this person, in my own repository: https://t.co/h7TgTsT5J9 pic.twitter.com/EgoIdGzYKB— hasherezade (@hasherezade) March 31, 2024

·x.com·Mar 31, 2024

I was just able to make a commit as this person, in my own repository

DevOps Toolkit - Grand Finale - End to End Demo of the Choosen Tech (You Choose! Ch. 3 Ep. 11) - https://www.youtube.com/watch?v=7-3dVxmG9qs

Grand Finale - End to End Demo of the Choosen Tech (You Choose!, Ch. 3, Ep. 11)

Choose Your Own Adventure: The Treacherous Trek to Security - Grand Finale. In this episode, we'll go through all the choices ...

via YouTube https://www.youtube.com/watch?v=7-3dVxmG9qs

·youtube.com·Mar 31, 2024

DevOps Toolkit - Grand Finale - End to End Demo of the Choosen Tech (You Choose! Ch. 3 Ep. 11) - https://www.youtube.com/watch?v=7-3dVxmG9qs

Deploying Burp Suite Enterprise Edition to Kubernetes

To deploy Burp Suite Enterprise Edition to Kubernetes: Step 1: Set up your Kubernetes cluster Step 2: Install the application Step 3: Create the admin user ...

·portswigger.net·Mar 30, 2024

Deploying Burp Suite Enterprise Edition to Kubernetes

White House orders agencies to tap chief AI officers | Semafor

A sweeping new policy from the Office of Management and Budget also instructs agencies to disclose AI tools they use and prevent discrimination, other risks.

·semafor.com·Mar 30, 2024

White House orders agencies to tap chief AI officers | Semafor

Good! | LMSys Chatbot Arena Leaderboard - a Hugging Face Space by lmsys

Discover amazing ML apps made by the community

·huggingface.co·Mar 30, 2024

Good! | LMSys Chatbot Arena Leaderboard - a Hugging Face Space by lmsys

Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud

Companies are trying to make the "AI PC" happen with new silicon and software.

·arstechnica.com·Mar 30, 2024

Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud

The Night Sky Will Soon Get ‘a New Star.’ Here’s How to See It. (Gift Article)

A nova named T Coronae Borealis lit up the night about 80 years ago, and astronomers say it’s expected to put on another show in the coming months.

·nytimes.com·Mar 30, 2024

The Night Sky Will Soon Get ‘a New Star.’ Here’s How to See It. (Gift Article)

'Once-in-a-lifetime' cosmic explosion set to light up the night sky, NASA says

Those hoping to see the nova display should look for the constellation Corona Borealis, or "Northern Crown."

·businessinsider.com·Mar 30, 2024

'Once-in-a-lifetime' cosmic explosion set to light up the night sky, NASA says

#1068024 - revert to version that does not contain changes by bad actor - Debian Bug report logs

·bugs.debian.org·Mar 30, 2024

#1068024 - revert to version that does not contain changes by bad actor - Debian Bug report logs

All about the xz-utils backdoor | Kali Linux Blog

As of 5:00 pm ET on March 29, 2024 the following information is accurate. Should there be updates to this situation, they will be edited onto this blog post. The xz-utils package, starting from versions 5.6.0 to 5.6.1, was found to contain a backdoor (CVE-2024-3094). This backdoor could potentially allow a malicious actor to compromise sshd authentication, granting unauthorized access to the entire system remotely.

·kali.org·Mar 30, 2024

All about the xz-utils backdoor | Kali Linux Blog

NVD - CVE-2024-3094

·nvd.nist.gov·Mar 30, 2024

NVD - CVE-2024-3094

This is something I've always feared. A psyop on an overworked maintainer has proven to be an attack vector. Who else is doing this??? Because where there's one nation, there's usually another. | Malicious Linux backdoor inserted upstream, caught early

Poisoned Easter eggs for all: Apparent supply chain attack caught mercifully early…

·thestack.technology·Mar 30, 2024