The Chinese coast guard ship damaged in a collision with a Chinese naval vessel in the South China Sea earlier this month is now under repair at Hainan Island, according to satellite images seen by Reuters - the first confirmation that it made it back to port.| gCaptain
Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa.| securelist.com
Black Friday Without the Developer Nightmares: A Survival Guide. Black Friday 2024: What to Expect. Black Friday, the traditional kickoff to the holiday shopping season, is set to make waves in 2024 with projected sales reaching an impressive $10.8 billion—a 9.9% increase from last year according to Statistics.blackfriday analysts. According to the same team, Cyber Monday sales in 2024 are expected to reach $13.2 […]| Lightrun
How a Low-Level IT Worker Helped Hack Brazil’s Banking System — Step by Step. In one of the most significant insider-assisted cyberattacks in Brazil’s financial history, a low-level IT operator working at C&M Software—a company that links smaller banks to Brazil’s PIX real-time payment…| Information Security Newspaper | Hacking News
Today, I believe we cannot successfully answer several key questions about SRE. Let's start with the most important one: how can we understand what reliability customers want and need?| RelyAbility Blog
When writing up my impressions of the GCP incident report, Cindy Sridharan’s tweet reminded me that I failed to comment on an important part of it, how the responders brought the overloaded s…| Surfing Complexity
The airline confirmed the crash of Air India Flight 171, scheduled for service from Ahmedabad Airport (AMD) to London Gatwick Airport (LGW). Over 200 Dead After Plane Crashes at Medical College: Citing local officials, The New York Times reports over 200 people have died in the crash. It is unknown at this time […]| FlyerTalk – The world's most popular frequent flyer community
Crypto’s Weakest Link? Coinbase Hacked by Its Own Support Team| Information Security Newspaper | Hacking News
Business Email Compromise Check List. As part of my Cyber SOC GitHub repo I’ve put together lots of resources to try and help people with …| PwnDefend
One of the most famous physics experiments in modern history is the double-slit experiment, originally performed by the English physicist Thomas Young back in 1801. You probably learned about this…| Surfing Complexity
Currently there appears to be a relatively significant cyber security incident at Marks and Spencer. So I thought I would give a demo of using AI (LLM, GROK) to create a timeline:| PwnDefend
One of the criticisms leveled at resilience engineering is that the insights that the field generates aren’t actionable: “OK, let’s say you’re right, that complex systems ar…| Surfing Complexity
If you’re a regular reader of this blog, you’ll have noticed that I tend to write about two topics in particular: Resilience engineering; Formal methods. I haven’t found many people…| Surfing Complexity
Students reported multiple hate crimes to the Stanford University Department of Public Safety (SUDPS) over the past weeks, amid rising tensions over the Israel-Gaza war. While the University reported that there was no significant increase in hate crimes, students said they witnessed many instances of hate crimes and hateful speech.| The Stanford Daily
Fight understanding decay with a rich Incident Summary. It only takes a few off-the-rails incidents in your software career to realize the importance of writing things down. That’s why so many companies’ incident response protocols define a scribe role. The scribe’s job, generally, is to take notes on everything that happens. In other words, the scribe produces an artifact of the response effort. …| Dan Slimmon
A play in one act. Dramatis personae: EM, an engineering manager; TL, the tech lead for the team; X, an engineering manager from a different team. Scene 1: A meeting room in an office. The walls are ado…| Surfing Complexity
This morning, AWS News had a minor production incident. The platform sends out a daily digest of the most popular AWS news articles, but today, it didn’t. The problem wasn’t hard to fin…| Luc van Donkersgoed's Notes
The Observability Crisis is an article from Jaya Gupta & Ashu Garg from Foundation Capital, a Silicon Valley-based venture capital (VC) firm investing in tech startups. TLDR: Companies in the first wave of the observability space (such as Splunk, AppDynamics, Datadog and New Relic) focused on solving data storage and analysis problems. However, with […]| Shaun Abram
Why we do incident drills and why you should too is an article by Fína Mádrová, an SRE at Mews. This is a summary (600 words) of the original (1400 words). Intro: Bugs and issues can be reduced by good practices and architecture, but serious ones that rise to the level of an incident are […]| Shaun Abram
Recently we at Stanza have been exploring operational data, and it's been really exciting to bring techniques and ideas from other domains into our domain - production systems generally, traffic, alerting, cloud costs, etc. The thing we’ve been looking at most recently is a thing called Benford’s Law.| RelyAbility Blog
One of the workhorses of the modern software world is the key-value store. There are key-value services such as Redis or Dynamo, and some languages build key-value data structures right in to the l…| Surfing Complexity
In this article we analyze social engineering aspects of the XZ backdoor incident. Namely pressuring the XZ maintainer to pass on the project to Jia Cheong Tan, and then urging major downstream maintainers to commit the backdoored code to their projects.| securelist.com
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process.| securelist.com
Software cannot be shown to be stable, and so it’s safer to assume it isn’t.| RelyAbility Blog
The urgency often obscures the fact that incidents cause more incidents. Incidents are not isolated events but links in a chain, each capable of setting off a cascade of further issues. The key lies in resisting these impulses, favoring a methodical exploration of safe, effective and reversible solutions.| Shayon Mukherjee
From early rides on the roads, in the sea and in the sky, to diverse roles at the sharp and blunt ends, Tom Lintner has had an extraordinary career spanning half a century in aviation. In…| Humanistic Systems
The 2022 VOID Report came out in late 2022. It is a recommended read, and I previously summarized it here. This article focuses on one aspect of the report: why mean time to recover (MTTR) is not an appropriate metric for complex software systems.| Shaun Abram
2022 VOID Report Summary| Shaun Abram