Hacks Abound

2018 is ending with some major hacks. Marriott International, one of the world's biggest hotel chains, announced that hackers compromised the reservation database of Starwood hotels. Hackers managed to steal personal details of about 500 million guests. According to The Hacker News, "The breach of Starwood properties has been happening since 2014 after an unauthorized party managed to gain unauthorized access to the Starwood's guest reservation database and had copied and encrypted the information" (https://thehackernews.com/2018/11/marriott-starwood-data-breach.html).

The second victim of another major hack is Quora, a user-driven question and answers site. According to reports, hackers gained access to sensitive information of over 100 million users (https://thehackernews.com/2018/12/quora-hack.html). The Hacker News wrote that the stolen data includes sensitive account information, such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter.

The third major hack was on Dell. The company said that it detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses, and hashed passwords. "Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These measures include the hashing of our customers' passwords and a mandatory Dell.com password reset. Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services," Dell said in a blog post (https://www.dell.com/learn/us/en/uscorp1/press-releases/2018-11-28-customer-update).

Even though Dell was not certain if any data was stolen, the company pushed password reset for all users as a precaution.

Kubernetes Vulnerability Found and Fixed

A critical vulnerability was discovered in the Kubernetes container orchestrator (https://github.com/kubernetes/kubernetes/issues/71411). The vulnerability (CVE-2018-1002105) allows non-privileged users to access Kubernetes clusters and associated data that they otherwise would not be able to access.

Bad actors can exploit the flaw in two ways – the first involves abusing pod exec privileges granted to a normal user, and the second involves attacking the API extensions feature, which provides the service catalog and access to additional features in Kubernetes 1.6 and later.

The flaw is already fixed and major Kubernetes vendors have already released patches. For instance, Red Hat has announced that OpenShift Container Platform 3.x and later are affected, as well as Red Hat OpenShift Online and Red Hat OpenShift Dedicated. The company suggests that users must immediately apply patches to their OpenShift deployments.

Microsoft Azure has announced that they have also fixed the vulnerability. The company said, "Azure Kubernetes Service has patched all affected clusters by overriding the default Kubernetes configuration to remove unauthenticated access to the entrypoints that exposed the vulnerability,"

The entrypoints are everything under https://myapiserver/apis/. If you were relying on this unauthenticated access to these endpoints from outside the cluster, you will need to switch to an authenticated path.

This is the first major vulnerability discovered in Kubernetes.

Dolphin Announces New Switch for Composable Architectures

Dolphin Interconnect Solutions has announced a new 24-port switch for I/O expansion and PCIe fabric. The MXS824 offers an innovative approach to composable architecture, a recent trend that combines the benefits of software-defined infrastructure with hardware-based device sharing and provisioning.

According to the announcement, "Dolphin's unique approach to building composable architectures is called device lending. Device lending allows access to devices installed in servers, as well as in expansion boxes or JBoFs. This creates a pool of transparent I/O resources that can then be shared among computers without any application-specific distribution mechanisms or requiring any modifications to drivers. Just as importantly, the resources can easily be reallocated whenever required, allowing for extremely flexible and ever-changing distributions of resources."

The MXS824 is designed to work with Dolphin's PCIe fabric to connect multiple servers with devices such as NVMe drives, GPUs, processors, and FPGAs in a way that allows on-the-fly software-defined configuration.

The 24-port Microsemi PFX-based 1U cluster switch delivers 32GT/s of non-blocking bandwidth per port at ultra-low latency. The switch supports various configurations, where up to four ports can be combined into a single x16 /128 GT/s port for higher bandwidth. Ports can be configured as 24x4 ports, 12x8 ports, 6x16 ports, and various configurations of each. Multiple switches can be connected to create larger port counts.