A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
1 A library injection module to execute malicious code by writing at a process' virtual memory.
2 An execution hijacking module that modifies data passed to the kernel to execute malicious programs.
3 A local privilege escalation module that allows for running malicious programs with root privileges.
4 A backdoor with C2 capabilities that can monitor the network and execute commands sent from a remote rootkit client. It incorporates multiple activation triggers so that these actions are transmitted stealthily.
5 A rootkit client that allows an attacker to establish 3 different types of shell-like connections to send commands and actions that control the rootkit state remotely.
6 A persistence module that ensures the rootkit remains installed maintaining full privileges even after a reboot event.
7 A stealth module that hides rootkit-related files and directories from the user.
https://github.com/h3xduck/TripleCross
1 A library injection module to execute malicious code by writing at a process' virtual memory.
2 An execution hijacking module that modifies data passed to the kernel to execute malicious programs.
3 A local privilege escalation module that allows for running malicious programs with root privileges.
4 A backdoor with C2 capabilities that can monitor the network and execute commands sent from a remote rootkit client. It incorporates multiple activation triggers so that these actions are transmitted stealthily.
5 A rootkit client that allows an attacker to establish 3 different types of shell-like connections to send commands and actions that control the rootkit state remotely.
6 A persistence module that ensures the rootkit remains installed maintaining full privileges even after a reboot event.
7 A stealth module that hides rootkit-related files and directories from the user.
https://github.com/h3xduck/TripleCross
Некоторые изменения в процессах требуются при наличии 150+ инженеров в командах, а не когда их трое.
Forwarded from DevOps&SRE Library
Reducing Cognitive Load in Agile DevOps Teams Using Team Topologies
https://www.infoq.com/articles/reduce-cognitive-load-devops-teams
https://www.infoq.com/articles/reduce-cognitive-load-devops-teams
diagrams
Diagram as Code for prototyping cloud system architectures
https://github.com/mingrammer/diagrams👍1
Forwarded from k8s (in)security (Дмитрий Евдокимов)
Мощный лонгрид "User and workload identities in Kubernetes" посвящённый
В данной статье есть очень классный момент про работу
AuthN (на самом деле это 4 статья из цикла). Помимо более-менее очевидных моментов что кочуют из статьи в статью про аутентификацию в Kubernetes - типа: внутренние и внешние субъекты, различные стратегии аутентификации (static token, bearer token, X509 certificate, OIDC и т.д.), назначение и роль Service Accounts и подобное.В данной статье есть очень классный момент про работу
Service Accounts и Secret до версии 1.24 и начиная с нее. Если вы об этом не знали, то тут появляется значительное отличие по работе. Если раньше при создании Service Accounts для него Secret с token создавался автоматически, то теперь этого не происходит (но можно вернуть прежнее поведении через специальную annotations - читайте в этой же статье). С версии 1.24 желаемый token монтируется в Pod автоматически как projected volume и имеет срок действия (чего не было раньше)!Forwarded from /usr/bin
My top 10 Linux commands for debugging server issue
Несколько команд для диагностики проблем с сервером Linux. Читать дальше.
Несколько команд для диагностики проблем с сервером Linux. Читать дальше.
https://luminousmen.com/post/spark-tips-optimizing-jdbc-data-source-reads/
df = spark.read \
.format("jdbc") \
.option("url", "jdbc:postgresql:postgres") \
.option("dbtable", "db.table") \
.option("user", "user")\
.option("password", "pass") \
.option("numPartitions", "10") \
.option("lowerBound", "0") \
.option("upperBound", "10000") \
.load()
Kubefirst open source application delivery and infrastructure management platform
The Kubefirst CLI is a cloud provisioning tool. With simple setup and two CLI commands, we create a kubernetes cluster managed with automated Infrastructure as Code, GitOps asset management and application delivery, secrets management, a sample application delivered to development, staging, and production, and so much more. It's an open source platform ready to be customized to suit your company's needs.
https://www.reddit.com/r/kubernetes/comments/xfvby8/kubefirst_open_source_application_delivery_and/?utm_source=share&utm_medium=web2x&context=3
The Kubefirst CLI is a cloud provisioning tool. With simple setup and two CLI commands, we create a kubernetes cluster managed with automated Infrastructure as Code, GitOps asset management and application delivery, secrets management, a sample application delivered to development, staging, and production, and so much more. It's an open source platform ready to be customized to suit your company's needs.
https://www.reddit.com/r/kubernetes/comments/xfvby8/kubefirst_open_source_application_delivery_and/?utm_source=share&utm_medium=web2x&context=3
reddit
Kubefirst open source application delivery and infrastructure...
Posted in r/kubernetes by u/kubefirst • 69 points and 35 comments
Отличные рекомендации для описания инфраструктуры на Terraform HCL
Forwarded from DevOps&SRE Library
20 Terraform Best Practices to Create Clean and Reusable Code
https://www.contino.io/insights/terraform-best-practices
https://www.contino.io/insights/terraform-best-practices
В отличие от нас кто-то уже решает вопросы вертикального масштабирования, довольно любопытно
Forwarded from DevOps&SRE Library
Vertical CPU Scaling: Reduce Cost of Capacity and Increase Reliability
This blog post describes the implementation of an automated vertical CPU scaling system in which every storage workload running at Uber is allocated the ideal amount of cores. The framework is used today to right-size more than 500,000 Docker containers, and since its inception it has applied a net reduction of allocations of more than 120,000 cores, leading to annual multi-million dollar savings in infrastructure spending.https://www.uber.com/blog/vertical-cpu-scaling/