NEWS
Hacks Abound
2018 is ending with some major hacks. Marriott International, one of the world's biggest hotel chains, announced that hackers compromised the reservation database of Starwood hotels. Hackers managed to steal personal details of about 500 million guests. According to The Hacker News, "The breach of Starwood properties has been happening since 2014 after an unauthorized party managed to gain unauthorized access to the Starwood's guest reservation database and had copied and encrypted the information" (https://thehackernews.com/2018/11/marriott-starwood-data-breach.html).
The second victim of another major hack is Quora, a user-driven question and answers site. According to reports, hackers gained access to sensitive information of over 100 million users (https://thehackernews.com/2018/12/quora-hack.html). The Hacker News wrote that the stolen data includes sensitive account information, such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter.
The third major hack was on Dell. The company said that it detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses, and hashed passwords. "Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These measures include the hashing of our customers' passwords and a mandatory Dell.com password reset. Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services," Dell said in a blog post (https://www.dell.com/learn/us/en/uscorp1/press-releases/2018-11-28-customer-update).
Even though Dell was not certain if any data was stolen, the company pushed password reset for all users as a precaution.
Kubernetes Vulnerability Found and Fixed
A critical vulnerability was discovered in the Kubernetes container orchestrator (https://github.com/kubernetes/kubernetes/issues/71411). The vulnerability (CVE-2018-1002105) allows non-privileged users to access Kubernetes clusters and associated data that they otherwise would not be able to access.
Bad actors can exploit the flaw in two ways – the first involves abusing pod exec privileges granted to a normal user, and the second involves attacking the API extensions feature, which provides the service catalog and access to additional features in Kubernetes 1.6 and later.
The flaw is already fixed and major Kubernetes vendors have already released patches. For instance, Red Hat has announced that OpenShift Container Platform 3.x and later are affected, as well as Red Hat OpenShift Online and Red Hat OpenShift Dedicated. The company suggests that users must immediately apply patches to their OpenShift deployments.
Microsoft Azure has announced that they have also fixed the vulnerability. The company said, "Azure Kubernetes Service has patched all affected clusters by overriding the default Kubernetes configuration to remove unauthenticated access to the entrypoints that exposed the vulnerability,"
The entrypoints are everything under https://myapiserver/apis/. If you were relying on this unauthenticated access to these endpoints from outside the cluster, you will need to switch to an authenticated path.
This is the first major vulnerability discovered in Kubernetes.
Dolphin Announces New Switch for Composable Architectures
Dolphin Interconnect Solutions has announced a new 24-port switch for I/O expansion and PCIe fabric. The MXS824 offers an innovative approach to composable architecture, a recent trend that combines the benefits of software-defined infrastructure with hardware-based device sharing and provisioning.
According to the announcement, "Dolphin's unique approach to building composable architectures is called device lending. Device lending allows access to devices installed in servers, as well as in expansion boxes or JBoFs. This creates a pool of transparent I/O resources that can then be shared among computers without any application-specific distribution mechanisms or requiring any modifications to drivers. Just as importantly, the resources can easily be reallocated whenever required, allowing for extremely flexible and ever-changing distributions of resources."
The MXS824 is designed to work with Dolphin's PCIe fabric to connect multiple servers with devices such as NVMe drives, GPUs, processors, and FPGAs in a way that allows on-the-fly software-defined configuration.
The 24-port Microsemi PFX-based 1U cluster switch delivers 32GT/s of non-blocking bandwidth per port at ultra-low latency. The switch supports various configurations, where up to four ports can be combined into a single x16 /128 GT/s port for higher bandwidth. Ports can be configured as 24x4 ports, 12x8 ports, 6x16 ports, and various configurations of each. Multiple switches can be connected to create larger port counts.
More Online
Linux Magazine
Linux Administration Focus
http://www.linux-magazine.com/tags/view/administration
Git Started with Git * Roman JordanThe Git version control system is a powerful tool for managing large and small software development projects. We'll show you how to get started.
Remote Git Repositories * Roman Jordan
Software projects often comprise several code branches, some of which exist in parallel. Git supports community code development through remote repositories and code branching.
ADMIN HPC
http://www.admin-magazine.com/HPC/
Parallelizing Code – Loops * Jeff Layton
OpenACC is a great tool for parallelizing applications for a variety of processors. In this article, I look at one of the most powerful directives, loop.
ADMIN Online
http://www.admin-magazine.com/
Exploring SQL Server on LinuxDavid Barbarin
SQL Server runs on Linux now. We'll show you how Microsoft developers made their massive database system Linux ready, and we'll help you get started with setting up SQL Server on your own Linux system.
Sharing threat information with MISPMatthias Wübbeling
The Malware Information Sharing Platform lets you record and document security incidents – and share the information with users on other networks.
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
KDE Plasma 5.27 Beta is Ready for Testing
The latest beta iteration of the KDE Plasma desktop is now available and includes some important additions and fixes.
-
Netrunner OS 23 Is Now Available
The latest version of this Linux distribution is now based on Debian Bullseye and is ready for installation and finally hits the KDE 5.20 branch of the desktop.
-
New Linux Distribution Built for Gamers
With a Gnome desktop that offers different layouts and a custom kernel, PikaOS is a great option for gamers of all types.
-
System76 Beefs Up Popular Pangolin Laptop
The darling of open-source-powered laptops and desktops will soon drop a new AMD Ryzen 7-powered version of their popular Pangolin laptop.
-
Nobara Project Is a Modified Version of Fedora with User-Friendly Fixes
If you're looking for a version of Fedora that includes third-party and proprietary packages, look no further than the Nobara Project.
-
Gnome 44 Now Has a Release Date
Gnome 44 will be officially released on March 22, 2023.
-
Nitrux 2.6 Available with Kernel 6.1 and a Major Change
The developers of Nitrux have officially released version 2.6 of their Linux distribution with plenty of new features to excite users.
-
Vanilla OS Initial Release Is Now Available
A stock GNOME experience with on-demand immutability finally sees its first production release.
-
Critical Linux Vulnerability Found to Impact SMB Servers
A Linux vulnerability with a CVSS score of 10 has been found to affect SMB servers and can lead to remote code execution.
-
Linux Mint 21.1 Now Available with Plenty of Look and Feel Changes
Vera has arrived and although it is still using kernel 5.15, there are plenty of improvements sure to please everyone.