• 0 Posts
  • 429 Comments
Joined 2 years ago
Cake day: June 18th, 2023
  • NaibofTabr@infosec.pubtoSelfhosted@lemmy.worldHow do you keep track of vulnerabilities?English
    3·
    12 days ago

    The issue is more that trying to upgrade everything at the same time is a recipe for disaster and a troubleshooting nightmare. Once you have a few interdependent services/VMs/containers/environments/hosts running, what you want to do is upgrade them separately, one at a time, then restart that service and anything that connects to it and make sure everything still works, then move on to updating the next thing.

    If you do this shotgun approach for the sake of expediency, what happens is something halfway through the stack of upgrades breaks connectivity with something else, and then you have to go digging through the logs trying to figure out which piece needs a rollback.

    Even more fun if two things in the same environment have conflicting dependencies, and one of them upgrades and installs its new dependency version and breaks whatever manual fix you did to get them to play nice together before, and good luck remembering what you did to fix it in that one environment six months ago.

    It’s not FUD, it’s experience.

  • NaibofTabr@infosec.pubtopolitics @lemmy.worldDefense Secretary Pete Hegseth orders a halt to offensive cyber operations against RussiaEnglish
    23·
    12 days ago

    Every nation outside of Russia has been under attack from Russian mercenary groups for over a decade. In the news they’re typically referred to as “ransomware gangs”. This is a euphemism. The reality is that these groups all have ties back to FSB or other parts of the Russian military structure. They operate with the approval of the Russian government, and they attack Russia’s adversaries. They attack civilian infrastructure indiscriminately, disabling power, water, logistics, schools, hospitals… they don’t care what the damage is, they don’t care if people die because of their actions.

    NotPetya is the classic example. That was 8 years ago. Since then the frequency and scope of attacks has increased.