The Google Camera app has been renamed and features a new UI

0
[ad_1]
The Google Camera app is available to Pixel devices only which makes the Google Camera name a misnomer. So according to 9to5Google, the app has been renamed Pixel Camera in the Google Play Store. Google also updated the copy of the app’s listing in app storefront.
Previously, Google wrote, “Never miss a moment with Google Camera, and take fantastic pictures and videos using features such as Portrait, Night Sight, and the video stabilization modes.” That sentence  now reads, “Never miss a moment with the fully redesigned Pixel Camera, and take fantastic photos and videos using features like Portrait, Night Sight, Time Lapse, and Cinematic Blur.” The latest version of Pixel Camera works on Pixel devices running Android 14.
The Play Store listing highlights some Pixel Camera features such as Real Tone, Night Sight, Pro-controls and Hi-Res 50MP, Astrophotography, Portrait mode, Macro Focus video, and cinematic blur. The new features available with the re-named Pixel Camera app are:
  • New Camera UI that makes it easier to navigate through all the different photo and video modes
  • RAW improvements that enhance the editing workflow
  • Pro Controls unlock advanced camera settings like shutter speed, ISO, and more (on Pixel 8 Pro only)
  • High Res 50MP Photography for richer detail (on Pixel 8 Pro only)
  • General bug fixes and improvements

Google introduced the new Pixel Camera name during Google I/O in May. Other Pixel branded apps include Pixel Call Assist, Pixel Speech (Recorder), and Pixel Safe which includes the VPN, Car Crash Detection, and other features.

We told you about the new UI last month. One big change removes the Video option from the carousel near the bottom of the screen and instead, there are two buttons at the bottom of the screen with one showing a camera icon and the other showing a video camera icon. You will press the appropriate button before using the camera on your Pixel device.

[ad_2]
Source link

Google will pay German news publishers an annual fee of millions

0
[ad_1]

Google has reportedly agreed to pay German news publishers an annual fee of millions of euros to appease EU regulators. The fees would be paid to Corint Media, which represents rights for a large number of publications across Europe including CNBC Europe, Axel Springer, and Al Jazeera to name a few.

The fee each year would total around €3.2 million. Although there seems to be a disagreement on what a fair compensation amount should be. Corint asked for around €420 million for the content that Google used in its News app last year. But Google feels this number is too high and the number has now landed at the aforementioned €3.2 million.

There is also a possibility that Google could end up paying more than this amount to German news publishers each year.

Google could pay German news publishers more than €3.2 million

This all depends on what the German Patent and Trademark office decides. The DPMA could potentially rule that Google must pay more to publishers annually. Or it could settle on the agreed upon amount. This would be in addition to the single €5.8 million payment Google agreed to pay for content used from June of 2021 to March of 2023. Google also states that it has agreed to pay 470 other regional and national publications within the country. And that the amount it agreed to pay to Corint is “in-line” with those other payment amounts.

The agreements being made between Google and German news outlets is a result of Google swiping content from those publishers. And it’s an issue being faced by publishers well outside of the region. But it’s also one that can likely reach an agreement elsewhere. Managing Director of Corint Dr Christine Jury-Fischer states that this agreement in Germany shows that Google’s “dominant practices” can be beaten. But it’ll require a high level of unity from publishers.


[ad_2]
Source link

Even Google’s own employees have doubts about Bard

0
[ad_1]

Google is one of the biggest AI companies on the planet, and it’s one of the leaders in the generative AI race. Bard is the company’s flagship user-facing generative AI product at the moment, and it’s a powerful product. However, it seems that Google’s own employees actually have doubts about Bard.

So far, Bard has exhibited much of what we’ve seen from most other LLMs. It’s able to generate answers and responses in a very humanistic tone. While much of the information it produces is correct, it’s still susceptible to hallucinations. So, it’s your run-of-the-mill chatbot that populates the internet. On the surface, it seems that Google has a lot of faith in it. However, that’s not the case with some of its employees.

Some of Google’s employees have doubts about Bard

When Google’s own staff stand on stages and give keynotes about Bard, they all sound confident about its capabilities. However, on a less public-facing front, some of the company’s employees expressed their concerns with the chatbot.

According to a report from Bloomberg (via Search Engine Journal), several Google employees discussed Bard in an invite-only Discord chat. It consisted of Google designers, engineers, and product managers. In the conversation, Bard senior product manager Dominik Rabiej said, “My rule of thumb is not to trust LLM [large language model] output unless I can independently verify it… Would love to get it to a point that you can, but it isn’t there yet.”

This statement reflects the feelings that most people have toward AI-generated results. It’s nice having answers served up on a silver plate for you. However, you can’t always trust those results. People want to be able to verify where the information comes from.

Some employees wonder if Bard will actually have the sort of impact that the company intends. Cathy Pearl, Bard’s user experience lead said “Like really making a difference. TBD!”

That statement also speaks volumes about the company’s doubts about Bard. Again, when Google is on stage, we hear a lot about how its generative AI prowess will have a major effect on the tech industry. However, folks within Google are having trouble believing that. That says a ton, seeing as they’re the ones developing the chatbot.


[ad_2]
Source link

Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group

0
[ad_1]

Earlier today, the RANSOMEDVC ransomware group claimed to have breached Colonial Pipeline company and also leaked 5GB worth of data including internal files and photos.

The infamous RANSOMEDVC ransomware group has declared that they successfully infiltrated Colonial Pipeline, the American company operating a significant pipeline system that transports over 100 million gallons of various petroleum products, including gasoline, diesel fuel, and jet fuel, on a daily basis.

Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group
What the RANSOMEDVC ransomware group published on their dark web blog (Image credit: Hackread.com)

These latest claims from the RANSOMEDVC group surfaced through posts on their dark web blog. The group also shared their claims via their recently launched Telegram channel and their X (previously Twitter) account. It’s worth noting that RANSOMEDVC is the same group that claimed to have breached Sony Corporation in September 2024.

In correspondence with Hackread.com, the group disclosed that apparently, Colonial Pipeline had refused to pay any ransom. However, they did not disclose the size of the alleged stolen data or the ransom amount demanded from the company.

Additionally, RANSOMEDVC publicly shared a file containing 5GB of data, claiming it belongs to Colonial Pipeline. Hackread.com has examined and analyzed this data. While it’s premature to draw definitive conclusions, the files and folders appear to contain a wealth of information, including diagrams, internal documents, leak detection policies, ICS and SCADA-related presentations, as well as photos of employees handling electronic equipment, among other things.

Notably, the photos of employees reveal that their desks feature a “Weekly Status Report” with the Colonial Pipeline logo.

Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group
From the leaked files (Image credit: Hackread.com)

However, in an exclusive statement to Hackread.com, Colonial Pipeline has rejected the claims made by the RANSOMEDVC ransomware group and linked the leaked files to “a third-party data breach unrelated to Colonial Pipeline.”

Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party. After working with our security and technology teams, as well as our partners at CISA, we can confirm that there has been no disruption to pipeline operations and our system is secure at this time. Files that were posted online initially appear to be part of a third-party data breach unrelated to Colonial Pipeline.

Colonial Pipeline

Colonial Pipeline’s Previous Encounter with Ransomware

This isn’t the first time that a ransomware group has asserted they breached Colonial Pipeline. In May 2021, a group called DarkSide successfully infiltrated the company’s systems, resulting in significant operational disruption.

Colonial Pipeline chose to pay a ransom of 75 Bitcoin to the DarkSide ransomware gang on May 7, 2021, amounting to approximately $4.4 million at that time. The ransom was paid to regain access to their systems and expedite the resumption of operations.

In June 2021, the U.S. Department of Justice (DoJ) disclosed that it had seized $2.3 million in Bitcoin, which Colonial Pipeline had paid to the DarkSide ransomware gang. The seizure was made possible by tracing the cryptocurrency trail and identifying the wallets used to store the ransom.

Furthermore, the FBI successfully dismantled DarkSide’s infrastructure, leading to the complete downfall of the ransomware group. As of November 2021, the U.S. government offered a $10 million reward for substantial information on the DarkSide ransomware gang.

The 2021 ransomware attack on Colonial Pipeline remains one of the most high-profile incidents in the history of ransomware attacks, underscoring the threats posed to critical infrastructure. This event also reignited debates about the wisdom of companies paying ransomware demands.

  1. ALPHV ransomware gang claims it has hacked Amazon’s Ring
  2. GhostSec Claim Breaching Iranian Govt Surveillance Software Tool
  3. Acer Data Breach: Hacker Claims to Sell 160GB Trove of Stolen Data
  4. BlackCat (ALPHV) Gang Claims Ransomware Attack on NCR Data Center
  5. Hacker Claims to Have Data of 7 Million 23andMe Users from DNA Service

[ad_2]
Source link

More complications are being added to At a Glance on Pixel Watch

0
[ad_1]

The At a Glance feature on the Google Pixel Watch is a very convenient feature, letting users check notifications easily. This feature is now getting new design options that users can pick from and stand out from the crowd. Lots of users have lamented about how at launch this feature only had a single face, hence limiting their customization abilities.

Well, those complaints are now a thing of the past as more watch faces and designs are rolling out. Google is adding two more complication styles to this feature, hence giving users more choices. This is a great design improvement from Google and the company aims to improve the Pixel Watch user experience.

With this improvement, users can access more information at a glance on their smartwatch. The amount of information now at the disposal of users will further reduce the need for them to reach out to their smartphones to check reminders and events. Let’s now check out what is new with the Pixel Watch At a Glance widget that is now rolling out.

Get more information in a new format with the Pixel Watch At a Glance widget update

This is the second At a Glance widget update that is now becoming available to Pixel devices. The first came to Pixel smartphones a few days ago and has been rolling out to users ever since. Now the second is becoming available to the Pixel Watch and it changes things for the good.

Previously, this feature on Pixel Watches came with support for only a single watch face. This was an issue for some users, as it didn’t give them as much information as they required. To solve this issue, Google is widely rolling out an update to this feature, making it more useful.

The At a Glance widget now supports the popular circular bulb interface. This interface layout gives users information on various facts and events that they need to remember during the day. These facts and events include the current temperature, upcoming calendar events, and the weather forecast.

There are also design elements that point out the users’ location-based reminders. Users will be able to access all this data and so much more by just lifting their wrists. Now, most users won’t need to scroll through their Pixel Watch’s tiles to access certain information.

At the moment, this update is rolling out to Pixel Watch users around the world. Google only has two smartwatch products to its name, making the number of models to update low. If you own either of these smartwatches then you will get this update bringing more information to your smartwatch’s home screen.


[ad_2]
Source link

Google has your back if its AI images land you in legal trouble

0
[ad_1]

Google isn’t the kind of company to have its toe in only one market, and that goes doubly for. Along with models that generate text, the company also has models that generate images. Well, if your AI image lands you in trouble for copyright infringement, Google will protect you, according to Android Police. However, there’s fine print that you should know about.

How could AI images land you in legal trouble?

The content that AI models generate has to come from somewhere. Before a text generator can generate a story, it needs to be fed a ton of stories to learn what a story is. The same goes for AI images.

Before image generators could start generating images, they needed to be fed a massive amount of image data to learn. These images come from the internet, and a massive amount of that image data comes from images that artists have created.

Well, image generators are also fed copyrighted images. This has led to some heated debates about whether using AI-generated images of copyrighted words should be considered theft.

If your AI images break copyright law, then Google will defend you

If you’re planning on using AI images in a professional sense, then this is something that should be on your mind. While AI images are wholly created from scratch, there’s still the chance that you could be dragged into court. If you’re using one of Google’s AI image services, then the company will defend you if your image happens to break copyright law.

Google’s defense won’t only affect you. The company will also provide legal help for the artist whose work was infringed upon. It’s definitely good for the company to do that. It talked a lot about being responsible with AI, and this shows that the company is looking to take responsibility for potential legal matters.

Now, what’s that fine print?

So, Google will step in and help out folks caught in a legal whirlpool, but this protection doesn’t extend to everyone. For starters, and this should come as no surprise, the company will only cover accidental copyright infringement. So, if you create an image with the intention to infringe on a creator’s art, then you’re on your own.

Next, Google’s protection only extends to those using the Vertex AI or Duet AI. These are both paid services. If you use Bard to generate your images (that functionality is on its way), and it lands you in hot water, Google will not offer assistance. This is always recommended that you be mindful of the images that you create.


[ad_2]
Source link

Phishing-as-a-Service from Strox hackers phish any brand

0
[ad_1]

The ever-evolving world of cybercrime has given birth to a disturbing phenomenon – Phishing-as-a-Service (PhaaS), and one name that sends shivers down the spines of cybersecurity experts is Strox. 

The tale of Strox begins in the first half of 2022 when Fortra, a cybersecurity organization, first detected a surge in fraudulent activities stemming from various PhaaS operations. 

These services serve as a one-stop-shop for cybercriminals, offering everything from advanced phishing kits to hosting services, mail spam scripts, and even a marketplace for selling stolen credentials.

Strox, or Strox[.]su or Strox Pages, is a standout player in the PhaaS landscape. This dangerous platform has operated since June 2021, initially imitating eleven US financial institutions. 

However, Fortra’s investigations revealed a more extensive history, with Strox-linked campaigns dating back to November 2021.

What sets Strox apart is its customization feature. It allows cybercriminals to create phishing campaigns targeting any brand by editing images and text, making it a versatile tool for fraud actors.

Document
FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

The Phishing Kits

A cornerstone of Strox’s operation is its collection of phishing kits. However, it’s important to note that many of these kits are not original creations by Strox. 

Instead, they modify popular phishing kits to incorporate advanced live phishing features. Spotting Strox indicators in phishing URLs may not confirm that the attack is directly linked to the service.

Currently, Strox offers twelve phishing kits, each priced at $90 USD. Purchasing equipment includes a unique API key, guaranteeing the buyer ongoing development and updates, including content and antibot information. 

Customers can preview demo phishing pages before making their selection. What’s striking is the auto-translation feature, ensuring the phishing content aligns with the victim’s browser language, covering over 230 languages.

Real-time Phishing Operations

One of the key features of Strox’s offering is the real-time admin panel that allows threat actors to control and monitor their attacks. 

This live panel provides insights into how many people view the phishing content and their actions. 

It’s also employed in man-in-the-middle attacks to obtain two-factor authentication codes and bypass additional security checks.

Notably, when threat actors are unavailable to monitor the attacks, they can set them to a dormant state to avoid detection during unproductive times. 

Strox also handles the exfiltration of stolen credentials through a centralized Telegram bot, ensuring encrypted communication and providing a marketplace for selling these ill-gotten credentials.

Automated log ad listing generated on a threat actor’s Telegram.
Automated log ad listing generated on a threat actor’s Telegram.

Strox stands out by offering to set up hosting infrastructure for its users, a service that most other PhaaS platforms do not provide. 

They offer bulletproof hosting of a cPanel installation for $3 a day, with features like a 30-day “No ‘Red Flag’ Guarantee,” unlimited bandwidth, DDoS protection, and HTTPS SSL Certification. 

However, Strox remains hands-off regarding domain registration, requiring users to register their domains to avoid detection from anti-phishing processes.

The choice of a “bulletproof” host has evolved over time. Initially, Strox used VPS installations on Digital Ocean servers. 

By the fourth quarter of 2022, they had shifted to Ponytech, FranTech Solutions, and Russian provider Dolgova Alena Andreevna.

In 2023, some Strox servers have been discovered behind CloudFlare’s DDoS protection services, while others continue to use hosting providers from 2022.

Phishing Made Easy with Strox

Strox aspires to be a one-stop shop for phishing threat actors. 

They offer various materials to facilitate phishing campaigns, including phishing email lures, target email lists, and PHP mailing scripts ready to be installed on Strox cPanel setups. 

They even provide more advanced SMS phishing services, allowing smishing lures to be sent to victims in the United States and Canada across all carriers.

What’s alarming is the pattern of increased Strox-linked phishing campaigns during the second quarter of each year. 

Strox has celebrated its anniversaries in both June 2022 and 2023 with sales events. 

Fortra has noticed heightened campaign activity in the months preceding and following these anniversaries, indicating a potential relationship between the sales and cyberattacks.

Strox group announcing their 2nd-anniversary promotion
Strox group announcing their 2nd-anniversary promotion

The rise of Strox illustrates the audacity and adaptability of cybercriminals. While cybersecurity experts continue their battle against these threats, Strox and PhaaS operations like it remain a daunting challenge, serving as a stark reminder of the ongoing struggle to secure the digital world.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.


[ad_2]
Source link

October update reaches US Galaxy S21 FE, Note 20 & more

0
[ad_1]

The October 2023 security update has reached a few more Galaxy smartphones in the US. Samsung is now pushing the latest security patch to the Galaxy Note 20 series, Galaxy S21 FE, and Galaxy S20 FE. The Note phones have already received the update in international markets, but the rollout has just begun for the two FE models. Their global versions should pick up the new SMR (Security Maintenance Release) in the coming days.

Samsung pushes October update to more Galaxy devices in the US

This month’s security update is available for both carrier-locked and unlocked variants of the Galaxy Note 20 series in the US. The devices are getting the new SMR with firmware build numbers N98*USQS5HWI1 and N98*U1UES5HWI1, respectively. Samsung’s official changelog confirms that the update doesn’t bring anything more than the latest security fixes. It was the same story in international markets as well.

The October SMR for Galaxy devices patches 46 vulnerabilities. 12 of those are specific to Samsung products, while the rest are Android OS issues affecting devices from other brands as well. At least two vulnerabilities patched this month are confirmed to be critical flaws. Along with the Galaxy Note 20 and Galaxy Note 20 Ultra, these security fixes are now rolling out to the US versions of the Galaxy S21 FE and Galaxy S20 FE as well.

As of this writing, the rollout for the two FE phones is limited to carrier-locked units. They are picking up the updates with the build numbers G990USQS9EWI2 and G781USQSDHWI4, respectively. The changelog remains the same as the Note lineup. Samsung should soon push the latest SMR to their factory-unlocked counterparts in the US and gradually expand the rollout to the rest of the world.

Note that Samsung’s October update isn’t yet available for the US versions of the regular Galaxy S20 models. The Galaxy S23 flagships are also awaiting the latest security patch. Their international versions have already received it. Hopefully, it won’t be long before users stateside get it too. As usual, you can check for new updates from the Settings app. Go to the Software update menu and tap on Download and install.

Galaxy Note 20 and Galaxy S20 FE won’t get Android 14

Samsung is expected to release its Android 14-based One UI 6.0 update (currently available in beta) later this month, starting with the Galaxy S23 series. Other models will follow soon, but the Galaxy Note 20 and Galaxy S20 FE won’t be in that pack. These phones arrived with Android 10 and are not eligible for major feature updates beyond Android 13. The Galaxy S21 FE will get Android 14. We will let you know when the rollout begins.


[ad_2]
Source link

Leak details CPU roadmaps for Intel, AMD, and Qualcomm

0
[ad_1]

A new leak has popped up that details the upcoming roadmaps for CPUs from Intel, AMD, and Qualcomm. Worth keeping in mind is that while there is a bit of interesting information here, it’s still just as leak and should be treated as such. Until these are otherwise confirmed by their respective brands. Whether as part of product launches or in some other fashion. With that said, there is potentially a lot to be excited about.

Starting with AMD, the company is rumored to be working on two new product types called Strix Point and Strix Halo. The leaks says that each chip will use classic cores. But the Strix Point chip will have configurations that use dense cores as well. In addition to the core types the leak also mentions both chips having support for DDR5 and LPDDR5X when it comes to RAM.

Roadmap leak says Intel is poised to introduce a Raptor Lake refresh for 2024

Moving on to Intel, it looks like the company is potentially set for a refresh of Raptor Lake CPUs for 2024. The leak, which comes from Golden Pig Upgrade on bilibili (via Videocardz) shows a Raptor Lake Refresh-HX and Meteor Lake-H coming in 2024. These will come alongside Meteor Lake-U9, as well as Meteor Lake-U15 and Raptor Lake Refresh-U that will roll into 2025. In 2025 Intel will also allegedly replace Raptor Lake-H and Raptor Lake-HX with Arrow Lake-HX and Arrow Lake-H. Additionally, the Raptor Lake Refresh-H will replace Meteor Lake-H.

As for Qualcomm, it appears to be working on a next-gen chip codenamed Hamoa. It’ll use a makeup of 8+x/6+4 Oryon Cores, with an Adreno 740 GPU. Support for UFS4/PCIe Gen 4 x4 NVMe storage is also present. As is support for LPDDR5X RAM that has clock speeds up to 8533 MT/s. The roadmap doesn’t mention any specific dates. Other than which year these refreshes will reportedly show up.


[ad_2]
Source link

Container Security in a GitOps Environment

0
[ad_1]
Container Security

GitOps is a methodology that uses Git (or other version control systems) to store all aspects of a project’s infrastructure, such as infrastructure as code (IaC), application code, and configuration files. Organizations using Kubernetes for container orchestration often use GitOps. 

GitOps uses Git as a single source of truth. As a result, only changes in Git can trigger builds and deployments. Pushing a Git commit to source control triggers a change that updates the application or cloud infrastructure. 

How Does GitOps Benefit CI/CD?

GitOps is an operations model that helps teams to implement new changes, like deployments within a cloud infrastructure. It enables initiating changes to application environments through pull requests to a Git repository that contains Kubernetes files. 

How GitOps and CI/CD work together

Since many organizations already use Git as a version control system as part of their CI/CD pipeline, GitOps facilitates greater collaboration. Teams can accurately distribute workloads by using GitOps as a single source control system. 

Git workflows employ automatic infrastructure updates to handle continuous delivery (CD), ensuring code can be pushed from repositories to your CI/CD pipelines for change initiation. It enables rolling out new releases within GitOps workflows by using Git pull requests to reconcile the current state with the declared state. 

You can manually approve and merge changes before they are automatically applied to the deployed infrastructure. Once changes are merged, the process applies to the system’s cloud infrastructure. 

You can compare the desired state in the repository to the current state in your deployed infrastructure and reconcile the differences. GitOps also enables you to continually use standard workflow practices for initiating integration and delivery daily.

How GitOps benefits CI/CD

Here are common advantages of using GitOps for CI/CD:

  • A common unified interface—GitOps serves as a single source of truth for all development environments, reducing the scope of potential errors.
  • Pull requests as change agents—teams can use GitOps to push code from a work in progress during any phase, including development, staging, and production, to a target environment. A team member can manually review changes ready to be pushed to ensure the code meets compliance and security standards. Once all stakeholders approve the code, you can push it to the desired environment.
  • Preventing configuration drifts—GitOps eliminates the need to push CI/CD pipelines manually, automating this process to guarantee a full match between your CI/CD and the development environment.
  • Documenting automatic updates—out-of-date documentation can introduce a source of errors and slow down the onboarding of new team members. GitOps automatically updates documentation to eliminate these issues.Modern apps can expand and evolve faster thanks to substantial automation. These benefits provide container security problems.
  • Easy duplication—in some cases, you might need to initiate duplication for development in different regions or environments. GitOps can facilitate the duplication and provisioning process to eliminate potential errors.
  • Version control—GitOps provides full control on roll-forwards and roll-backs, ensuring you can roll back to the latest clean version to achieve rapid recovery. It also helps investigate a flawed version in isolation, providing service continuity and accelerating recovery to prevent loss of business.
  • Hardened credentials security—GitOps shared read-only credentials between tools across the entire pipeline to harden security.

How Can GitOps Improve Container Security?

Cloud native applications rely on automation for almost the entire development and release process. They typically implement a CI/CD pipeline that runs multiple builds daily, resulting in heavy, reliable workloads.

This extensive automation has enabled modern applications to scale more efficiently and innovate quickly. However, these advantages also come with challenges for container security. A traditional security model does not provide the mechanisms needed to secure applications and infrastructure as code. It also cannot support cloud native monitoring and visibility.

Securing infrastructure

Infrastructure is integral to a modern application, defining services and containers. Thus, infrastructure security must be an integral part of application security. Security tools, threat information, and insights should be available across the SDLC. 

The security process should include functions like automated source code scanning, container image security scans, and other infrastructure tests. Shifting security left (i.e., implementing security tasks early in the SDLC) can help you handle security misconfiguration risks.

Managing security misconfigurations

Misconfiguration issues are widespread in cloud environments and affect containerized applications. Attackers often exploit vulnerabilities to try to access containers. Once in, an attacker could move laterally across the container environment to compromise other containers or steal sensitive data. 

Attackers can infect containers using malicious code packaged into a container image, allowing them to infect other users that download the image.

You can prevent attacks that exploit misconfigurations in Kubernetes by applying a policy that prevents pods from communicating with each other. This policy is not a default, so attackers could compromise one pod and talk to other pods to access your organization’s data.

It is not always feasible to detect possible misconfigurations manually. Therefore, it is best to embed security into the DevOps process by creating automated policies to manage configurations. You should implement best practices to detect misconfiguration. 

How GitOps helps

The GitOps model helps promote security by making the environment easier to manage. Developers can execute code without direct access to Kubernetes clusters or other infrastructure. GitOps automates the CD to apply these advantages in the cloud.

With GitOps, a developer can propose changes for the senior security experts and DevOps engineering team to review. Once the changes pass the automated checks, the developer can merge them into the main branch. 

GitOps also works for policy-as-code implementations, enabling an automated security process. Teams can use policies to define the guardrails for their infrastructure, including access control rules, limits, and operations management. GitOps provides instant feedback, allowing developers to see their code’s security level before deploying it to the cloud.

GitOps is an effective technique to shift security further left when properly implemented. It helps teams catch code quality issues and security misconfigurations early in development. In this way, it can make a dramatic impact on the security of development environments everywhere.


[ad_2]
Source link