Security News > 2021 > May

The problem, is it is so good at storing, and in our modern society we don't have the lean times, so it just keeps storing every spare calorie untill it crushes the life's breath out of you quite literally unles you burn it off in some way It's why "Fasting is good" but "Starvation is bad" because when that fat is gone, your muscles and intetnal organs are in next layers down on the list of "Energy stores" your body will use. So nature "Knows" there is an optimum for a reserve in each storage system and it works out to a little over 1/3rd of total capacity ~36.788% of the system over 'a given period of time'.

A session on how to hack into a Kubernetes cluster was among the highlights of a Kubecon where the main events were generally bland and corporate affairs, perhaps indicative of the technology now being a de facto infrastructure standard among enterprises. Kubernetes is huge, and if there was an underlying theme at the event it was that Kubernetes is becoming the standard runtime platform.

Chances are low that you'll get sued for copyright infringement based on what's in the background of your Zoom call, but it's better to be safe than sorry.

Microsoft is working on addressing an Office 365 issue that has resulted in legitimate emails sent from multiple domains getting tagged as malicious and quarantined. "Users having multiple issues related to email flow, links within email messages and the Microsoft Defender portal," Microsoft says in the Microsoft 365 admin center.

The Biden administration has declared a state of emergency that covers 17 states and Washington D.C. in the wake of the ransomware attack on the Colonial Pipeline Co., and is working with Colonial to restart operations. The Cybersecurity & Infrastructure Agency has posted ransomware guidance and resources, saying that it's engaged with Colonial over the attack.

On Friday, Colonial Pipeline Company discovered that it had been hit by a ransomware attack. The attack forced Colonial Pipeline to shut down certain systems, temporarily stopping all pipeline operations.

The Lemon Duck cryptocurrency-mining botnet has added the ProxyLogon group of exploits to its bag of tricks, targeting Microsoft Exchange servers. That's according to researchers at Cisco Talos, who said that the cybercrime group behind Lemon Duck has also added the Cobalt Strike attack framework into its malware toolkit and has beefed up anti-detection capabilities.

Google has released a new open-source tool called cosign to make it easier to manage the process of signing and verifying container images. Google says all of its distroless images have been signed using the open source tool and that all users of distroless can easily check whether they are using the base image they are looking for.

After a ransomware attack forced Colonial Pipeline Company to proactively shut down operations of the largest refined products pipeline in the United States, the company is scrambling to get systems back to normal operating capacity. The ransomware attack, which the FBI has confirmed to be the Darkside ransomware, triggered the company to halt all pipeline operations on Friday.

The Federal Bureau of Investigation and the Australian Cyber Security Centre are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide. "The Australian Cyber Security Centre is aware of an ongoing ransomware campaign utilizing the Avaddon Ransomware malware [.] actively targeting Australian organisations in a variety of sectors," the ACSC added [PDF].