Red Hat Leftovers Eat up fewer resources in Cryostat 2.1 with sidecar reports Cryostat is a tool for managing JDK Flight Recorder data on Kubernetes. Version 2.1 of Cryostat introduces the option of using a sidecar reports container to generate automated analysis reports for JDK flight recordings. Previously, the main Cryostat container handled the report generation. Report generation is a resource-intensive operation, and as a result, users may find themselves overprovisioning the Cryostat container to meet peak resource demands. Those resources may in turn end up unused if you're not generating reports. With this new option to delegate report generation to a sidecar container, users will find it easier to provision resources more efficiently. When report generation is not a concern, the main Cryostat container, including its web server and various lightweight operations over HTTP and JMX, has only a small resource footprint. Based on their report generation workflow, users can provision resources to the sidecar reports container accordingly and spin up any number of replicas of that container.

Cockpit 270 Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from Cockpit 270, cockpit-machines 269, and cockpit-podman 48...

Digital transformation: 5 reality checks before you take the plunge Digital transformation (DX) can mean just about anything and everything in the business and technology spectrum. Starting with the transition from analog to digital, the term has evolved to refer to the adoption of social and mobile technologies and more recently, to the implementation of any of a plethora of digital technologies. With so much focus on digital, enterprises risk losing sight of what really matters: the actual transformation.

6 tips for effective meetings in a hybrid work environment The pandemic has changed meeting culture forever. Zoom has become a verb and a household name. While online meetings were always part of business life, the pandemic and its aftermath made them an essential part of doing business for the foreseeable future. With distributed workforces now standard, doing online meetings “right” is more important than ever. After hosting and attending thousands of meetings in my many stints at companies large and small, I’ve become an expert on what it takes to have a productive meeting. Here are some key dos and don’ts and some tips and tricks for making online and hybrid meetings more effective.

Security Leftovers Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes - Check Point Research [Ed: Microsoft Windows TCO] In the past two months, we observed multiple APT groups attempting to leverage the Russia and Ukraine war as a lure for espionage operations. It comes as no surprise that Russian entities themselves became an attractive target for spear-phishing campaigns that are exploiting the sanctions imposed on Russia by western countries. These sanctions have put enormous pressure on the Russian economy, and specifically on organizations in multiple Russian industries. [...] The malware creates a working directory %TEMP%\\OfficeInit and copies to it INIT and cmpbk32.dll files, as well as a legitimate 32-bit Windows executable cmdl32.exe from either System32 or SysWOW64 folder, depending on if the operating system is 32 or 64 bit.

Sandworm uses a new version of ArguePatch to attack targets in Ukraine [Ed: Microsoft Windows TCO] Filename: eset_ssl_filtered_cert_importer.exe SHA-1 hash: 796362BD0304E305AD120576B6A8FB6721108752 ESET detection name: Win32/Agent.AEGY

Malicious Python Repository Package drops Cobalt Strike on Windows, macOS & Linux systems [Ed: It's not an OS issue; it's about people installing malicious software and greater threats are proprietary software's back doors] Public repositories of open source code are a critical part of the software supply chain that many organizations use to build applications. They are therefore an attractive target for adversaries seeking to distribute malware to a mass audience.

747 Hackathon | Pen Test Partners As is probably clear from our blog and public talks aviation cyber security is an area of huge interest to us. Some of us are also light aircraft pilots, so the crossover of two of our loves makes for some fascinating research. Over the last few years we’ve managed to get access to several airplanes that have been recently retired. As the various breakers yards are backed up with planes retired during the pandemic, many fully functional planes are available that will never fly again. However, a big problem for us is that the planes get dismantled, often between visits. On several occasions we’ve gone to an airframe to figure out the on board systems, go back to the lab to prepare custom connectors and tools, then come back a month later to find out that it’s been taken apart into many many pieces.