NEWS
Hacks Abound
2018 is ending with some major hacks. Marriott International, one of the world's biggest hotel chains, announced that hackers compromised the reservation database of Starwood hotels. Hackers managed to steal personal details of about 500 million guests. According to The Hacker News, "The breach of Starwood properties has been happening since 2014 after an unauthorized party managed to gain unauthorized access to the Starwood's guest reservation database and had copied and encrypted the information" (https://thehackernews.com/2018/11/marriott-starwood-data-breach.html).
The second victim of another major hack is Quora, a user-driven question and answers site. According to reports, hackers gained access to sensitive information of over 100 million users (https://thehackernews.com/2018/12/quora-hack.html). The Hacker News wrote that the stolen data includes sensitive account information, such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter.
The third major hack was on Dell. The company said that it detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses, and hashed passwords. "Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These measures include the hashing of our customers' passwords and a mandatory Dell.com password reset. Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services," Dell said in a blog post (https://www.dell.com/learn/us/en/uscorp1/press-releases/2018-11-28-customer-update).
Even though Dell was not certain if any data was stolen, the company pushed password reset for all users as a precaution.
Kubernetes Vulnerability Found and Fixed
A critical vulnerability was discovered in the Kubernetes container orchestrator (https://github.com/kubernetes/kubernetes/issues/71411). The vulnerability (CVE-2018-1002105) allows non-privileged users to access Kubernetes clusters and associated data that they otherwise would not be able to access.
Bad actors can exploit the flaw in two ways – the first involves abusing pod exec privileges granted to a normal user, and the second involves attacking the API extensions feature, which provides the service catalog and access to additional features in Kubernetes 1.6 and later.
The flaw is already fixed and major Kubernetes vendors have already released patches. For instance, Red Hat has announced that OpenShift Container Platform 3.x and later are affected, as well as Red Hat OpenShift Online and Red Hat OpenShift Dedicated. The company suggests that users must immediately apply patches to their OpenShift deployments.
Microsoft Azure has announced that they have also fixed the vulnerability. The company said, "Azure Kubernetes Service has patched all affected clusters by overriding the default Kubernetes configuration to remove unauthenticated access to the entrypoints that exposed the vulnerability,"
The entrypoints are everything under https://myapiserver/apis/. If you were relying on this unauthenticated access to these endpoints from outside the cluster, you will need to switch to an authenticated path.
This is the first major vulnerability discovered in Kubernetes.
Dolphin Announces New Switch for Composable Architectures
Dolphin Interconnect Solutions has announced a new 24-port switch for I/O expansion and PCIe fabric. The MXS824 offers an innovative approach to composable architecture, a recent trend that combines the benefits of software-defined infrastructure with hardware-based device sharing and provisioning.
According to the announcement, "Dolphin's unique approach to building composable architectures is called device lending. Device lending allows access to devices installed in servers, as well as in expansion boxes or JBoFs. This creates a pool of transparent I/O resources that can then be shared among computers without any application-specific distribution mechanisms or requiring any modifications to drivers. Just as importantly, the resources can easily be reallocated whenever required, allowing for extremely flexible and ever-changing distributions of resources."
The MXS824 is designed to work with Dolphin's PCIe fabric to connect multiple servers with devices such as NVMe drives, GPUs, processors, and FPGAs in a way that allows on-the-fly software-defined configuration.
The 24-port Microsemi PFX-based 1U cluster switch delivers 32GT/s of non-blocking bandwidth per port at ultra-low latency. The switch supports various configurations, where up to four ports can be combined into a single x16 /128 GT/s port for higher bandwidth. Ports can be configured as 24x4 ports, 12x8 ports, 6x16 ports, and various configurations of each. Multiple switches can be connected to create larger port counts.
More Online
Linux Magazine
Linux Administration Focus
http://www.linux-magazine.com/tags/view/administration
Git Started with Git * Roman JordanThe Git version control system is a powerful tool for managing large and small software development projects. We'll show you how to get started.
Remote Git Repositories * Roman Jordan
Software projects often comprise several code branches, some of which exist in parallel. Git supports community code development through remote repositories and code branching.
ADMIN HPC
http://www.admin-magazine.com/HPC/
Parallelizing Code – Loops * Jeff Layton
OpenACC is a great tool for parallelizing applications for a variety of processors. In this article, I look at one of the most powerful directives, loop.
ADMIN Online
http://www.admin-magazine.com/
Exploring SQL Server on LinuxDavid Barbarin
SQL Server runs on Linux now. We'll show you how Microsoft developers made their massive database system Linux ready, and we'll help you get started with setting up SQL Server on your own Linux system.
Sharing threat information with MISPMatthias Wübbeling
The Malware Information Sharing Platform lets you record and document security incidents – and share the information with users on other networks.
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.