Merge branch 'main' of github.com:brandtkeller/tag-security into 1257_governance_cleanup
brandtkeller committed Jun 21, 2024
2 parents f390e71 + 69171cc commit c6c88fa
Showing 15 changed files with 45 additions and 48 deletions.
4 changes: 2 additions & 2 deletions ci/link-config.json
@@ -1,13 +1,13 @@
{
"aliveStatusCodes": [200,206,402],
"fallbackRetryDelay": "5s",
"fallbackRetryDelay": "10s",
"replacementPatterns": [
{
"pattern": "^/",
"replacement": "{{BASEURL}}/"
}
],
"retryCount": 3,
"retryCount": 5,
"retryOn429": true,
"timeout": "20s",
"httpHeaders": [
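Review bot: raising retryCount from 3 to 5 and fallbackRetryDelay from 5s to 10s means a link that keeps answering 429 without a Retry-After header can now hold the checker for roughly 5 × 10 s before it is reported, on top of the 20 s timeout per attempt, so a few rate-limited hosts can noticeably lengthen the CI run; note in the commit message which links were flaking so the tuning can be revisited rather than grow unbounded.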
3 changes: 3 additions & 0 deletions community/README.md
@@ -0,0 +1,3 @@
# TAG-Security Community Activities

The Security TAG has several working groups that organize community activities around specific topics, including recurring meetings.
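Review bot: the new community/README.md mentions working groups and recurring meetings but links to neither; since this same commit creates community/events/README.md with the meeting schedule, add a relative link such as `[Events](events/README.md)` so the landing page actually leads somewhere.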
12 changes: 12 additions & 0 deletions community/events/README.md
@@ -0,0 +1,12 @@
# Events

## Upcoming Gatherings

[CloudNativeSecurityCon](https://events.linuxfoundation.org/cloudnativesecuritycon-north-america/):
June 26 – 27, 2024 — Seattle, Washington

## Recurring General Meetings

[Weekly US Meeting](https://zoom.us/j/99809474566): each Wednesday at 10 am (UTC-7)

[Bi-Weekly EMEA Meeting](https://zoom.us/j/99917523142): on Wednesdays at 1 pm (UTC+0, UTC+1 when daylight saving time is in effect)
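Review bot: the US meeting is given as a fixed `UTC-7` while the EMEA line explains its daylight-saving shift; a fixed offset will be wrong for part of the year, so state which offset applies outside daylight saving time in the same style as the EMEA entry. The "Upcoming Gatherings" item carries a hard date (June 26 – 27, 2024) that goes stale days after this commit; either move it to past-events.md once it passes or avoid dated items on a page without an owner.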
@@ -23,7 +23,7 @@ project, architecture, and enhance team awareness on security.

- Copenhagen, Denmark
- May 2-4, 2018
- [notes](safe_kubecon.md)
- [notes](safe-kubecon.md)

[KubeCon + CloudNativeCon, Shanghai](https://events19.linuxfoundation.cn/events/kubecon-cloudnativecon-china-2018/)

2 changes: 1 addition & 1 deletion past-events.md → community/events/past-events.md
@@ -5,7 +5,7 @@
<!-- cSpell:ignore timothyhinrichs -->
<!-- cSpell:ignore sreetummidi -->

A list of past KubeCon/Cloud Native SecurityCon events an be found [here](cloud_native_security.md)
A list of past KubeCon/Cloud Native SecurityCon events can be found [here](cloud-native-security.md)

## DockerCon, San Francisco, CA, Apr 30 - May 2, 2019

9 changes: 4 additions & 5 deletions safe_kubecon.md → community/events/safe-kubecon.md
@@ -1,15 +1,14 @@
### SAFE Recap @ [Kubecon Europe 2018](https://events.linuxfoundation.org/events/kubecon-cloudnativecon-europe-2018/)
# SAFE Recap @ [Kubecon Europe 2018](https://events.linuxfoundation.org/events/kubecon-cloudnativecon-europe-2018/)

SAFE had two sessions for introducing SAFE and getting feedback from the community.
SAFE had two sessions for introducing SAFE and getting feedback from the community.

* [SAFE WG Intro](https://kccnceu18.sched.com/event/ENw3/safe-wg-intro-jeyappragash-j-j-padmeio-ray-colline-google-any-skill-level)
* [SAFE WG Deep Dive](https://kccnceu18.sched.com/event/ENw5/safe-wg-deep-dive-ray-colline-google-intermediate-skill-level)

We had a small but relevant group and hallway conversations were equally engaging and informative.

Excited to have [Liz Rice](https://github.com/lizrice) and [Justin Cormack](https://github.com/justincormack) join us.
Excited to have [Liz Rice](https://github.com/lizrice) and [Justin Cormack](https://github.com/justincormack) join us.

Across the board, everyone I had conversation with, there was a natural acknowledgement that security is an end-end problem and understanding secure access and providing a safe end-end system for enduser is critical. Highlighted at the [keynote by Alexis](https://twitter.com/MayaKaczorowski/status/991601395450171392?s=15).
Across the board, everyone I had conversation with, there was a natural acknowledgement that security is an end-end problem and understanding secure access and providing a safe end-end system for end-user is critical. Highlighted at the [keynote by Alexis](https://twitter.com/MayaKaczorowski/status/991601395450171392?s=15).

We are just getting started on this, incredibly excited to be part of this team and the effort!
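Review bot: since the "end-user" line is being touched anyway, fix the rest of that sentence's grammar: "Across the board, everyone I had conversation with, there was a natural acknowledgement" is a dangling construction, and "end-end" should be "end-to-end"; something like "Across the board, everyone I spoke with acknowledged that security is an end-to-end problem" reads cleanly.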

4 changes: 4 additions & 0 deletions supply-chain-security/compromises/2010/apache.md
@@ -15,3 +15,7 @@ databases are considered leaked.
## Type of compromise

Attack Chaining - multiple compromises.

## Reference

- <https://www.invicti.com/blog/web-security/apacheorg-and-jira-incident/>
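Review bot: the new heading is `## Reference` (singular) while the sibling write-ups touched in this commit use `## References` (fsf-website.md, proftpd.md, apt.md); use the plural here so the compromise files keep one section layout.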
2 changes: 1 addition & 1 deletion supply-chain-security/compromises/2010/fsf-website.md
@@ -9,7 +9,7 @@ exfiltrate user names and encrypted passwords from the affected server.

## Type of Compromise

Source Code
Attack Chaining

## References

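Review bot: this file now classifies the incident as "Attack Chaining", but the README table row `| [FSF Website Hack](2010/fsf-website.md) | 2010 | Source Code |` is left unchanged in this same commit, so the index and the write-up disagree; update that row (or keep "Source Code" here) in the same change.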
8 changes: 5 additions & 3 deletions supply-chain-security/compromises/2010/proftpd.md
@@ -1,4 +1,6 @@
# ProFTPD hack
<!-- cSpell:ignore FTPD -->

# ProFTPD Hack and Backdoor

A source code repository server of an open-source project (ProFTPD) was hacked
by unknown attackers who planted a backdoor in the source code.
Expand All @@ -15,5 +17,5 @@ and it's unlikely a key compromise was involved.

## References

- https://www.zdnet.com/article/open-source-proftpd-hacked-backdoor-planted-in-source-code/
- https://www.theregister.com/2010/12/02/proftpd_backdoored/
- <https://www.zdnet.com/article/open-source-proftpd-hacked-backdoor-planted-in-source-code/>
- <https://www.theregister.com/2010/12/02/proftpd_backdoored/>
2 changes: 1 addition & 1 deletion supply-chain-security/compromises/2011/kernelorg.md
@@ -1,5 +1,5 @@
<!-- cSpell:ignore gkh's -->
# kernel.org infrastructure compromise
# kernel.org Infrastructure Compromise

While the kernel.org compromise didn't likely involve source code (and would
have had limited impact), from gkh's mail: "the compromise of kernel.org and
5 changes: 5 additions & 0 deletions supply-chain-security/compromises/2013/apt.md
@@ -12,3 +12,8 @@ authenticity wasn't being used for source packages.
## Type of compromise

Negligence - Insufficient client-side package authenticity verification

## References

* <https://ubuntu.com/security/notices/USN-1762-1>
* <https://nvd.nist.gov/vuln/detail/CVE-2013-1051>
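Review bot: the new References section uses `*` bullets while the other write-ups touched here (apache.md, proftpd.md) use `-`; pick one. The README row for this entry cites https://lwn.net/Articles/602461/, which is missing from this list; add it so the write-up carries every source the index points to.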
10 changes: 5 additions & 5 deletions supply-chain-security/compromises/README.md
@@ -30,7 +30,7 @@ of compromise needs added, please include that as well.
<!-- cSpell:disable -->
| Name | Year | Type of compromise | Link |
| ----------------- | ------------------ | ------------------ | ----------- |
| [Malware Disguised as Installer used to target Korean Public Institution] | 2024 | Trust and Signing | [1](https://asec.ahnlab.com/en/63396/) |
| [Malware Disguised as Installer used to target Korean Public Institution](2024/targeted-signed-endoor.md) | 2024 | Trust and Signing | [1](https://asec.ahnlab.com/en/63396/) |
| [3proxy signing incident](2024/laixi-3proxy.md) | 2024 | Trust and Signing | [1](https://news.sophos.com/en-us/2024/04/09/smoke-and-screen-mirrors-a-strange-signed-backdoor/) |
| [xz backdoor incident](2024/xz.md) | 2024 | Malicious Maintainer | [1](https://cloudsecurityalliance.org/blog/2024/04/25/navigating-the-xz-utils-vulnerability-cve-2024-3094-a-comprehensive-guide) |
| [GitGot: using GitHub repositories as exfiltration store](2024/gitgot.md) | 2024 | Trust and Signing | [1](https://www.reversinglabs.com/blog/gitgot-cybercriminals-using-github-to-store-stolen-data) |
@@ -100,12 +100,12 @@ of compromise needs added, please include that as well.
| [Code Spaces](2014/code-spaces.md) | 2014 | Source Code | [1](https://threatpost.com/hacker-puts-hosting-service-code-spaces-out-of-business/106761/) |
| [Monju Incident](2014/monju.md) | 2014 | Publishing infrastructure| [1](https://www.contextis.com/en/blog/context-threat-intelligence-the-monju-incident) |
| [APT lack of validation for source packages](2013/apt.md) | 2013 | Negligence | [1](https://lwn.net/Articles/602461/) |
| [GitHub rails/rails Vulnerability](2012/ruby-on-rails-github.md) | 2012 | Source Code <br> Dev Tooling | [1](https://homakov.blogspot.com/2012/03/how-to.html), [2](https://github.blog/2012-03-05-responsible-disclosure-policy/) |
| [kernel.org compromise](2011/kernelorg.md) | 2011 | Publishing infrastructure | [1](https://lwn.net/Articles/461237/), [2](https://lwn.net/Articles/461552/) |
| [GitHub Ruby on Rails Repository Hack](2012/ruby-on-rails-github.md) | 2012 | Source Code <br> Dev Tooling | [1](https://homakov.blogspot.com/2012/03/how-to.html), [2](https://github.blog/2012-03-05-responsible-disclosure-policy/) |
| [kernel.org Infrastructure Compromise](2011/kernelorg.md) | 2011 | Publishing infrastructure | [1](https://lwn.net/Articles/461237/), [2](https://lwn.net/Articles/461552/) |
| [FSF Website Hack](2010/fsf-website.md) | 2010 | Source Code | [1](https://www.computerworld.com/article/2752415/free-software-foundation-s-software-repository-hacked.html) |
| [apache.org incident](2010/apache.md) | 2010 | Attack Chaining | [1](https://blogs.apache.org/infra/entry/apache_org_04_09_2010) |
| [apache.org Internal Tools Compromise](2010/apache.md) | 2010 | Attack Chaining | [1](https://www.invicti.com/blog/web-security/apacheorg-and-jira-incident/) |
| [Operation Aurora](2010/aurora.md) | 2010 | Watering-hole attack | [1](https://www.wired.com/2010/03/source-code-hacks/) |
| [ProFTPD](2010/proftpd.md) | 2010 | Publishing Infrastructure | [1](https://www.zdnet.com/article/open-source-proftpd-hacked-backdoor-planted-in-source-code/) |
| [ProFTPD Hack and Backdoor](2010/proftpd.md) | 2010 | Publishing Infrastructure | [1](https://www.zdnet.com/article/open-source-proftpd-hacked-backdoor-planted-in-source-code/) |
| [WordPress backdoor](2007/wordpress.md) | 2007 | Source Code <br> Publishing Infrastructure </br> | [1](https://lwn.net/Articles/224997/) |
| [SquirrelMail backdoor](2007/squirrelmail.md) | 2007 | Source Code <br> Publishing Infrastructure | [1](https://lwn.net/Articles/262688/) |
| [Linux Kernel CVS Repository Hack](2003/kernel-repository.md) | 2003 | Source Code <br> Dev Tooling | [1](https://lwn.net/Articles/57135/) |
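Review bot: two consistency points in this hunk. The apache.org row replaces its reference to blogs.apache.org, the project's own incident report, with the invicti.com write-up; keep the first-party link alongside the new one rather than dropping it. The FSF row still says "Source Code" even though fsf-website.md is changed to "Attack Chaining" in this commit, so update that row here as well.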
1 change: 1 addition & 0 deletions website/Makefile
@@ -6,6 +6,7 @@ deps:
--include='assessments' --include='assessments/**' \
--include='governance' --include='governance/**' \
--include='publications' --include='publications/**' \
--include='community' --include='community/**' \
--include='*.md' --exclude='*'

# Move over content such as graphics and logos
10 changes: 0 additions & 10 deletions website/content/events/_index.md

This file was deleted.

19 changes: 0 additions & 19 deletions website/themes/docsy/layouts/community/list.html

This file was deleted.

0 comments on commit c6c88fa