Rory McCune
@mccune.org.uk
Security geek, Containers, Kubernetes, Golang/Ruby, hillwalking Home Page :- https://www.mccune.org.uk Blog:- https://raesene.github.io
Reposted by Rory McCune
securitylabs.datadoghq.com
Our State of Cloud Security 2025 study is out!

www.datadoghq.com/state-of-clo...

• On AWS, 40% of organizations leverage data perimeters
• 11% of Google Cloud GKE and 23% of Google Cloud VMs are overprivileged
• On Azure, 1.3% of storage containers are public, 58% proactively block public access
State of Cloud Security | Datadog
For our 2025 report, we analyzed AWS, Google Cloud, and Azure data from thousands of organizations to understand the latest trends in cloud security posture.
www.datadoghq.com
Reposted by Rory McCune
siderolabs.com
When it comes to #K8s security, we don’t just say we care. We double down on what makes a system fundamentally secure.

And that's the topic of our next webinar.

📅 Thurs Oct 9 @ 18:00 CEST
🎙️ Justin Garrison + Rory McCune

Join us --> streamyard.com/watch/cmw4tY...
Is your Kubernetes secure?
Kubernetes is not secure by default. Default configurations often lack the stringent security controls needed to protect across bare metal and edge. Its broad attack surface demands additional…
streamyard.com
mccune.org.uk
Calling all Kubernetes security interested folk. We're planning the next version of the OWASP Kubernetes Top 10, and have a survey to solicit ideas and feedback here docs.google.com/forms/d/e/1F... . Shouldn't take more than a couple of minutes to fill out and all feedback's welcome!
OWASP Kubernetes Top 10 2025 Survey
We're looking to update the OWASP Kubernetes Top 10 and as such want to canvass ideas on what should be included. The goal of the Top 10 is to provide awareness on the most serious risks that Kubernet...
docs.google.com
Reposted by Rory McCune
duckinator.bsky.social
The team formerly behind RubyGems has come together to launch a new gem server for the Ruby community!

gem.coop

I am *super* excited about this!
mccune.org.uk
Surprised to see a Jay in London! I used to live in rural Argyll and we had quite a lot of them there, very fond of seed and peanuts!
Reposted by Rory McCune
siderolabs.com
Want to talk security? Join our next webinar.

📅 Thurs, Oct 9 @ 18:00 CEST
🎙️ @justingarrison.com and @mccune.org.uk

As we cover
- Where #Kubernetes is and isn't secure
- Features that make a difference
- Practical steps you can apply today

Get your spot: streamyard.com/watch/cmw4tY...
Reposted by Rory McCune
bsideslondon.bsky.social
#BSidesLDN2025 second ticket release today!
Last tickets will be out on 1st Nov.
No code is needed, if tickets are available, they will be revealed when you hit "Get tickets".

Tickets are ONLY available via Eventbrite!
bit.ly/BSidesLDN2025Tkts

#Security #BSides #London #Tickets
Reposted by Rory McCune
wiggitywhitney.bsky.social
It’s finally here! ⚡️Enlightning returns in TWO HOURS!

I’ll be live with @aparker.io exploring Generative AI + OpenTelemetry: tracing, conventions, and even feeding telemetry back into coding assistants.

Don’t miss it!
youtu.be/S6zyprFIapM
Reposted by Rory McCune
retr0.id
tired: it's always DNS

inspired: ICANN feel it coming in the air tonight
mccune.org.uk
VPN :D In all seriousness a well known VPN provider (I'm using Tailscale + Mullvad) is probably a better bet in terms of privacy and avoiding providing sensitive data to random identity services providers.
Reposted by Rory McCune
mikemcquaid.com
Having met with both sides on the current RubyCentral/RubyGems situation, here's my take:

- RubyCentral have managed this exceptionally poorly in many ways including removing literally the most active member of the RubyGems organisation by mistake who has declined to return
Reposted by Rory McCune
duckinator.bsky.social
Hey, #ruby folks! I've been one of the #RubyGems maintainers for the last decade.

Ruby Central has forcefully taken control of the RubyGems organization on GitHub, the `rubygems-update` and `bundler` gems on rubygems[.]org, and more.

You can read the details here: pup-e.com/goodbye-ruby...
RubyGems.org | your community gem host
rubygems.org
mccune.org.uk
My talk at @containerdays.bsky.social this week was on Kubernetes and post exploitation. I've had a couple of requests for a companion blog post, so here it is. The post looks at some things attackers might do in clusters they've compromised to retain access.

raesene.github.io/blog/2025/09...
Beyond the surface - Exploring attacker persistence strategies in Kubernetes
raesene.github.io
mccune.org.uk
That’s my talk done @containerdays.bsky.social great conference so far and a very civilised selection of free drinks!
mccune.org.uk
It is very sunny isn’t it!
Reposted by Rory McCune
smarticu5.bsky.social
Unsurprisingly, I have opinions about Kubernetes, particularly when it comes to multitenancy and how easy it is to break out of common deployments. Today I wrote about them for @amberwolfsec.bsky.social

blog.amberwolf.com/blog/2025/se...
Breaking Boundaries - Kubernetes Namespaces and multi-tenancy
AmberWolf Security Research Blog
blog.amberwolf.com
Reposted by Rory McCune
bsideslondon.bsky.social
Our first ticket release is this Monday (1st Sept) at 1337hrs:
bit.ly/BSidesLDN202...
Reposted by Rory McCune
docker.com
Docker @docker.com · Aug 29
Bitnami is removing their public Docker image catalog & switching to paid access.

If you now need a stable, affordable alternative, Docker has:
- Free Official Images
- Secure-by-default Hardened Images (DHI)
- No vendor lock-in, no surprise deprecations

news.ycombinator.com/item?id=4504...
The Deletion of Docker.io/Bitnami | Hacker News
news.ycombinator.com
Reposted by Rory McCune
bsideslondon.bsky.social
A few things!

The first #BSidesLDN2025 ticket release is now less than a week away!

Our logo competition is still open!
See bsides.london/event-inform... for more information on both

Oh, CFP is open too! cfp.bsides.london/bsides-londo...

It's all going on!
#Security #BSides #London
a cat is sitting in front of a laptop computer and says busy busy busy
Reposted by Rory McCune
lookitup.baby
Every day is Tabby appreciation day! 💖
catsofyore.bsky.social
Tabby appreciation party. Photo from my collection, 1947.
Black and white photo of two white women sitting on a living room floor, both of them petting a shorthaired tabby cat that sits between them.
mccune.org.uk
I did a bit more looking into the upcoming bitnami deprecation. The images are still getting millions of pulls a week, so depending on exactly what tags vanish next week, there could be a lot of broken deploys on the 28th!

raesene.github.io/blog/2025/08...
Bitnami Deprecation
raesene.github.io
mccune.org.uk
Yeah currently going through some of that, albeit as the house was built in the 1850's we kind of expected some level of repairs. Roofers went up to replace some slates and found that quite a bit of the roof needed worked on, that's not being cheap to fix!