InfoQ Homepage Cloud Computing Content on InfoQ
-
Critical Control Web Panel Vulnerability Still Under Exploit Months After Patch Available
A 9.8 severity vulnerability in Control Web Panel, previously known as CentOS Web Panel, allows an attacker to remotely execute arbitrary shell commands through a very simple mechanism. Although readily patched, security organizations are reporting it is under active exploit.
-
Cloudflare DDoS Report Finds Increase in Attack Volume and Duration
Cloudflare released its Distributed Denial of Service (DDoS) Threat Report for the fourth quarter of 2022. The report covers the DDoS attack landscape as detected by the Cloudflare network. HTTP DDoS attacks increased 79% year-over-year with ransom DDoS attacks seeing an increase as well. The report found that longer attacks are increasing especially with network-layer DDoS attacks.
-
Internal Platform Framework Kratix Releases Community Marketplace
Kratix, an open-source framework for building internal platforms, has released a marketplace of community-provided Promises. Within Kratix, Promises represent components curated by the platform team that application teams can request. The Kratix Marketplace is open for submissions from the community.
-
Amazon S3 Encrypts All New Objects with AES-256
Since January 5th, Amazon S3 encrypts all new objects by default with AES-256 to protect data at rest. S3 automatically applies server-side encryption using Amazon S3-managed keys for each new object, unless a different encryption option is specified.
-
Docker Desktop 4.16 Brings Docker Extensions to General Availability
Docker Inc has released their first update of 2023 for the Docker Desktop product - version 4.16. The most significant improvement in this release is to bring Docker Extensions to general availability, and the release also offers a number of performance improvements.
-
Elastic 8.6 Released with Improvements to Observability, Security, and Search
Elastic has released Elastic 8.6 with improvements across the entire Elastic Search Platform including Elastic Enterprise Search, Elastic Observability, Elastic Security, and Kibana. The release includes additional connector clients, better observability of dependencies, improvements to alerts generated from prebuilt security rules, and temporary data views.
-
Google Kubernetes Engine Adds Multishares for Filestore Enterprise
Google Cloud has moved Filestore Enterprise Multishares for Google Kubernetes Engine (GKE) into general availability. With Filestore Enterprise Multishares, multiple persistent volumes can be packed onto a Filestore Enterprise instance to improve storage utilization and reduce costs.
-
Traefik Hub Enables Simple and Secure Container Publishing
Traefik Labs have announced the general availability of Traefik Hub, a tool designed to allow admins to quickly and securely publish Kubernetes and Docker containers.
-
SBOM Quality and Availability Varies Greatly across Projects
A recent assessment of the quality and availability of SBOMs in open-source repositories found the availability and implementation to vary widely. The OpenSSF's Open Source Software Security Mobilization Plan has a dedicated stream to improving the availability, generation, and consumption of SBOMs.
-
AWS Introduces Step Functions Distributed Map for Large-Scale Parallel Data Processing
AWS recently announced a distributed map for Step Functions, a solution for large-scale parallel data processing. Optimized for S3, the new feature of the AWS orchestration service targets interactive and highly parallel serverless data processing workflows.
-
Just, a New CLI for Spring Boot Applications
Just, a command line tool requiring zero configuration, increases the Java development experience while building Spring Boot applications. Just automatically reloads the application when there is a change in source code, build files or Docker compose files. The project also supports the creation of (native) applications and (native) Docker images.
-
Report Finds Heavy Use of Open-Source Solutions for Kubernetes Security
A recent survey by Armo on the use of security software solutions with Kubernetes found that over half of respondents leverage open-source tooling. Companies using open-source tooling use on average 3.6 different tools. These open-source tools were predominately used for service mesh, network policy and micro-segmentation, and misconfiguration scanning.
-
Amazon ECS Adds Automated Rollbacks
Amazon has released native support for automated rollbacks within their Amazon ECS service. This feature leverages Amazon CloudWatch metric alarms to monitor and, if necessary, reverts the in-progress deployment. This feature supports using any system metrics that CloudWatch Container Insights collects for Amazon ECS as well as custom metrics.
-
Zero Trust Access to Corporate Applications with AWS Verified Access
At re:Invent 2022, AWS released a new enterprise application connectivity service, Verified Access. The service provides Zero Trust access to enterprise web applications by employing endpoints and policies to authenticate and authorize user requests against identity providers or device management systems. Verified Access is currently in public preview in 10 AWS regions.
-
Google Cloud Introduces Sensitive Actions to Improve Security for Premium Accounts
Google Cloud announced the preview of Sensitive Actions Service, a premium security feature to identify potentially risky behaviors on the cloud. The service detects when actions are taken in a GCP organization that could be damaging if taken by a malicious actor.