Insecure defaults and the ability for anyone to reinstall to get them. FFS.
So don't buy from HashiCorp because they can't write software for toffee. Got it.
Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that targets publicly accessible DevOps tools. Wiz Threat Research spotted the campaign and attributed it to an attacker it named JINX–0132, which it says …
More than half of infosec seems to be putting guardrails around idiot developers who for some reason have been given the keys to the kingdom after whining about system admins not giving them admin access or refusing to turn off the firewalls.
Agile, DevOps etc are a nightmare. Might as well just hand out all your customer details from day 1, save yourself the developer costs.
If developers have been given “the keys to the kingdom” and can make changes to prod (or even test) environments without review by someone else who has solid ops and security understanding, then what is happening is not devops.
But if you are dismissing developers as idiots and whiny, rather than working with them, you’re part of the problem that led to the need to define devops in the first place.