Everything posted by reporter
-
Effective Approach to Kubernetes Interviewing and Hiring Assessments
Kubernetes interviewing, hiring and assessments help teams find good container experts. Companies have trouble spotting real Kubernetes skills when people use big words but lack real work experience. Kubernetes interviewing, hiring and assessments give simple ways to find engineers who can fix pods, grow clusters, keep 99.9% uptime, and recover from problems in real situations. Bad hires waste months learning and cost a lot when services break in production. Good tests find setup problems, security holes, and growth issues before they cause big trouble. Smart teams use real hands-on tests instead of book questions to build strong teams.

Why Kubernetes Skills Matter Now

Containers changed how apps move between test and live systems. Kubernetes became the main tool to run thousands of containers for big companies. Now every cloud team from small startups to huge businesses uses K8s clusters for important work. Good interviews show who can fix broken pods during busy sales times. Smart hiring picks workers with real experience in team setups, backup plans, and cost savings. Real tests prove they can handle daily cluster work. Companies with good K8s workers save 40% on running costs and ship features 5x faster.

Common Kubernetes Interview Problems

Hiring managers make the same mistakes that waste time.

* Many ask basic “What is Kubernetes?” questions that get Google answers.
* Book learning misses who can’t fix real cluster problems.
* No hands-on tests hide big skill gaps.
* Skipping security questions lets bad setups into live systems.
* No growth tests show panic when traffic jumps.

Use simple Kubernetes interviewing, hiring and assessments that show real work ability.

Key Kubernetes Skills to Check

Test these daily work skills that show true ability.

* Basic Setup: Nodes, pods, deployments, services – when to use each.
* Networking: Connection tools, doorways, team rules.
* Storage: Disk space, database setups, backups.
* Security: User rules, safe settings, secret storage.
* Fixing Problems: Logs, events, kubectl commands.
* Growing: Auto pod add, cluster size change.
* Watching: Charts, alerts, health checks.

Test each with timed real problems.

Kubernetes Interview Questions Table

Use these tested questions for all levels.

| Area | Sample Question | Good Answer Shows | Skill Tested |
| Pods | Fix pod that ran out of memory | Sets limits correctly | Daily resource work |
| Deployments | Update stuck halfway | Checks status/history | Safe updates |
| Services | When use each type? | Right choices | Network basics |
| Security | Make view-only user | Safe rules | Security habits |
| Helm | Update app safely | Right commands | App package skill |
| Storage | Disk won’t work – fix | Finds storage problem | Database work |
| Growth | CPU slow in busy time | Auto growth setup | Speed fixes |
| Security Check | Find bad images | Scan tools used | Safe builds |

Easy for new hires, hard for seniors.

Hands-On Test Plan

Use real work tests instead of paper questions.

1. Run Sample App: Web server with copies.
2. Grow & Update: Auto grow + safe change.
3. Network Test: Web door with safe connection.
4. Database Test: Long-running app with disk.
5. Fix Broken: Kill pod, make it work again.
6. Lock Down: Team rules + user limits.
7. Backup Test: Save and restore data.
8. Auto Deploy: From code to live.

90 minutes. Score on finish + good habits.

Kubernetes Hiring Steps

Simple path from paper to job offer.

1. Check Resumes: Must show kubectl work.
2. Quick Call: 15 min setup talk.
3. Home Work: Small app setup (4 hours).
4. Live Test: Shared test cluster.
5. Team Check: Work with group.
6. Fit Talk: Team style match.
7. Offer: Good pay + training help.

Cuts hiring time by half.

DevOpsSchool Kubernetes Training

DevOpsSchool leads Kubernetes classes worldwide with offices in India, USA, Europe, UAE, UK, Singapore, and Australia. Founded to solve real industry problems, they’ve trained over 50,000 professionals from 100+ countries. Their platform offers live classes, recorded videos, lab practice, job help, and certification support.

Why DevOpsSchool stands out:

* Real production-like labs matching AWS EKS, Azure AKS, Google GKE
* Lifetime access to all course materials and updates
* Job placement help with 500+ hiring partners
* 24/7 doubt clearing through Slack and forums
* Money-back guarantee on certification courses
* Corporate training for 1000+ companies worldwide
* Free demo classes before enrollment

They serve startups needing first Kubernetes clusters to enterprises running 10,000+ node clusters.

Rajesh Kumar Teaches Kubernetes

Classes led by Rajesh Kumar, founder of DevOpsSchool with 20+ years experience across banking, healthcare, e-commerce, and government projects. Rajesh started with Unix systems in 2000, moved to cloud in 2008, mastered Docker in 2013, and built his first Kubernetes cluster in 2016.

Rajesh’s real achievements:

* Fixed 3AM cluster crashes for banks processing $1B+ daily
* Trained 25,000+ students who now work at Google, Amazon, Microsoft
* Built Kubernetes certification training used by 90% pass rate
* Created 500+ YouTube videos with 2M+ total views
* Wrote books on DevOps and Kubernetes used in 50+ universities
* Speaks at KubeCon, AWS re:Invent, DevOps Days conferences
* Mentors startup CTOs building cloud platforms

Rajesh teaches from personal failures – like the time wrong RBAC locked out entire production, or when bad Helm values crashed 500 pods during Black Friday. His students pass CKA/CKAD first try and land jobs at FAANG companies within 3 months.

Test Scoring Guide

Fair grading stops bad choices.

| Skill | Max Score | Must Do | Weight |
| App Run | 20 | No stop during change | High |
| Network | 15 | Right connections | High |
| Storage | 15 | Data saved right | Medium |
| Safety | 15 | User limits work | High |
| Fix Problems | 20 | Finds real cause | High |
| Auto Tools | 10 | Code to live | Medium |
| Notes | 10 | Clear steps | Low |

80+ = good hire.

Certs vs Real Work

| Cert | Good For | Weak At | Best With |
| CKA | Basic commands | Big design | 6 months work |
| CKAD | App setup | Daily run | Auto deploy |
| CKS | Safety | Needs basics first | User rules |
| Real Work | Live fixes | Hard to check | Any cert |

Best: Cert + 6 months work.

Warning Signs in Interviews

Skip these people.

* Can’t explain pod steps.
* Deletes pods wrong way.
* No own code examples.
* Thinks wrong about deployments.
* Can’t read kubectl output.
* No limits set.
* No package tool use.

Ask about last real fix.

Build Test Systems

Easy setups for fair tests.

Tools:

* Local test clusters.
* Cloud free plans.
* Balance tools.
* Storage add-ons.

Test Ideas:

* Team space rules.
* Backup check.
* Split traffic test.
* Code auto run.
* Watch setup.

Team Growth Plans

Hire right for team size.

| Team Size | Who to Hire | Test Focus | Clusters per Person |
| 1-3 | All skills | Everything | 1 |
| 4-10 | Split roles | Special work | 3 |
| 10+ | Big planners | Many clusters | 5 |

Cost of Bad Hires

Real money loss.

* Find fee: $20K
* Learn time pay: 3 months
* One crash: $100K/hour
* Team slow: 6 months fix
* Total: $250K+

$5K test saves millions.

Good Job Ads

Get right people.

Kubernetes Worker Needed
- Ran 50+ node live clusters
- Fixed crashes with kubectl
- Made custom tools
- Network + storage work
- Multi cloud

Online Interview Tips

Good remote tests.

* Use online clusters.
* Share screen live.
* Time limits.
* Team watch.
* Record check.

New Hire Start Plan

Fast to good work.

* See live systems.
* Join team chat.
* Test bad events.
* Watch night duty.
* First code change.
* Exam money back.

Check Hiring Success

Watch these numbers.

* Work start: <60 days
* First fix: <90 days
* Exam pass: 90%
* Stay 1 year: 85%
* Help uptime.

Conclusion and Overview

Kubernetes interviewing, hiring and assessments make strong teams. Skip book tests. Use real work proof. Work with DevOpsSchool and Rajesh Kumar for best results.

Overview: Full guide with test plans, scores, steps, start plans, and results check. Perfect for finding good Kubernetes workers.

Contact Details:
Email: [email protected]
Phone & WhatsApp (India): +91 7004 215 841
Phone & WhatsApp (USA): +1 (469) 756-6329
DevOpsSchool
-
Cisco confirms zero-day exploitation of Secure Email products
Cisco has warned that a China-linked hacking group is actively exploiting a previously unknown vulnerability in its Secure Email appliances to gain persistent access, forcing affected organizations to consider disruptive rebuilds of critical security infrastructure while patches remain unavailable.

Cisco Talos said the campaign has been active since at least late November, raising concerns for security leaders about unseen compromise and how far incident response efforts may need to extend beyond the affected devices.

The vulnerability affects Cisco Secure Email Gateway, Cisco Secure Email, and Web Manager appliances running AsyncOS, but only in configurations where the Spam Quarantine feature is enabled and exposed to the internet, according to Cisco.

The company said there is currently no patch available, and that rebuilding affected appliances is the only way to fully remove the attackers’ persistence mechanisms in confirmed compromise cases.

Enterprise exposure and risk scope

Cisco said that systems where the Spam Quarantine feature is not enabled are not affected, but analysts said this does not necessarily reduce enterprise risk.

“This vulnerability may remain a high-risk issue because affected appliances typically sit in privileged network positions, even though the feature is not enabled by default,” said Sunil Varkey, a cybersecurity analyst.

It is also not clear how many enterprises may have enabled the feature in production environments, said Keith Prabhu, founder and CEO of Confidis.

“The Spam Quarantine provides a way for administrators to review and release ‘false positives,’ i.e., legitimate email messages that the appliance has deemed to be spam,” Prabhu said. “In today’s remote support and 24×7 operations, it is entirely possible that this feature has been enabled by many enterprises.”

Akshat Tyagi, associate practice leader at HFS Research, said the bigger concern is the nature of the target. Unlike a user laptop or a standalone server, email security systems sit at the center of how organizations filter and trust email traffic, meaning attackers would be operating inside infrastructure designed to stop threats rather than receive them.

“The fact that there’s no patch yet elevates the risk further,” Tyagi said. “When the vendor’s guidance is to rebuild appliances rather than clean them in place, it tells you this is about persistence and control, not just a one-off exploit.”

Varkey added that exploitation may not require direct internet exposure and could also occur from internal or VPN-reachable networks, advising organizations to close or restrict access to affected management ports temporarily.

Rebuild guidance and operational tradeoffs

Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.

“From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is the only way to be confident the threat is fully removed.”

But Varkey said that this may not be a viable option for many organizations, as it introduces business risks, including downtime, misconfiguration, and the potential reintroduction of persistence through contaminated backups.

Enterprises will need to balance remediation speed with business continuity while relying on compensating controls to limit exposure.

“Cisco Secure Email Gateway, Cisco Secure Email, and Web Manager are critical components of the email infrastructure,” Prabhu said. “Organizations would need to plan this activity in a way that minimizes downtime, but at the same time reduces the time window of compromise. In the interim, they could use other security measures like blocking ports on the firewall to limit exposure.”
-
Unlock Business Value with Strategic DataOps Services
DataOps services streamline data pipelines for faster business decisions. Companies struggle with data silos and slow processing. DataOps Services solve these issues through automation and teamwork.

Teams using DataOps services see 50% faster data delivery. Quality improves with built-in checks. Businesses in healthcare and finance rely on them daily.

What DataOps Services Actually Do

DataOps services blend DevOps speed with data management needs. They automate pipelines from collection to analysis. No more manual fixes or delays.

Think of data flowing like a factory line. DataOps services keep it smooth, monitored, and scalable. Every step gets tested automatically.

Organizations gain real-time insights without headaches. This powers better customer experiences and operations.

Why Traditional Data Management Fails

Old methods use spreadsheets and manual transfers. Errors creep in. Teams point fingers when reports fail.

Data grows fast—petabytes daily for big firms. Traditional setups crash under load. Delays cost revenue.

DataOps services fix this with continuous monitoring and self-healing pipelines.

Core Benefits of DataOps Services

Adopting DataOps services transforms data teams.

* Faster data delivery to business users.
* Automated quality checks catch errors early.
* Collaboration between data engineers and analysts.
* Scalable pipelines handle growth easily.
* Reduced downtime through monitoring.
* Cost savings from efficient cloud use.
* Better governance for compliance needs.

| Traditional Data | DataOps Services | Business Impact |
| Manual pipelines | Automated flows | 5x faster delivery |
| Siloed teams | Cross-team work | 70% fewer errors |
| Weekly batches | Real-time streams | Instant insights |
| Hard to scale | Auto-scaling | Handles 10x growth |

Key Components Every DataOps Setup Needs

Strong DataOps services include these essentials.

* Pipeline Automation: Tools like Apache Airflow schedule and run data jobs.
* Data Quality Gates: Great Expectations tests every dataset.
* Orchestration: Kubernetes manages containerized data workloads.
* Monitoring: Prometheus tracks pipeline health.
* Version Control: Git for data pipelines and models.

Build around open standards for flexibility.

Popular DataOps Tools Comparison

Choose tools that fit your stack.

| Tool | Best For | Ease of Use | Cost |
| Airflow | Complex workflows | Medium | Free |
| Prefect | Modern Python teams | Easy | Free/Paid |
| Dagster | Data asset focus | Medium | Free |
| dbt | Analytics engineering | Easy | Free |
| Great Expectations | Data quality | Easy | Free |

Start simple, scale as needed.

DataOps Services Workflow Step by Step

Implementation follows clear phases.

1. Assess current data flows and pain points.
2. Design automated pipelines with quality checks.
3. Set up monitoring and alerting.
4. Train teams on new processes.
5. Launch with small datasets first.
6. Scale to full production.
7. Continuously optimize based on metrics.

Expect 3-6 months for full rollout.

DevOpsSchool Leads DataOps Training

DevOpsSchool stands as premier platform for DataOps training worldwide. They offer practical courses, certifications, and hands-on labs.

Highlights include:

* Live workshops with production experts.
* Lifetime LMS access with updates.
* Certifications in Airflow, dbt, DataOps.
* Job placement assistance.
* Community forums for ongoing support.
* Free resources like cheat sheets.

Over 50,000 professionals trained globally.

Rajesh Kumar Guides DataOps Mastery

Programs led by Rajesh Kumar, expert with 20+ years across DataOps, DevOps, SRE, MLOps, Kubernetes, cloud. Mentored thousands at Fortune 500 firms.

Rajesh emphasizes real-world scenarios over theory. His training covers production pitfalls like pipeline failures and data drift. Students leave ready for enterprise challenges.

Participant Feedback Shows Real Results

Trainees praise the practical approach:

* Abhinav Gupta, Pune: “Training built confidence. Rajesh cleared every doubt.” (5.0)
* Indrayani, India: “Hands-on sessions made DataOps stick.” (5.0)
* Ravi Daur, Noida: “Perfect for daily work coverage.” (5.0)
* Sumit Kulkarni: “Tools explained with real examples.” (5.0)
* Vinayakumar, Bangalore: “Exceeded expectations with deep knowledge.” (5.0)

Consistent perfect scores prove effectiveness.

10 Must-Know DataOps Keywords

DataOps services, pipeline automation, data quality, Airflow orchestration, dbt modeling, Great Expectations, continuous monitoring, data governance, MLOps integration, scalable data platforms.

DataOps Services Plans Overview

Select based on your needs.

| Plan | Scope | Timeline | Ideal For |
| Starter | Basic pipelines | 4 weeks | Small teams |
| Professional | Full automation + training | 8 weeks | Growing firms |
| Enterprise | Multi-cloud + 24/7 support | 12 weeks | Large scale |

Professional plan offers best ROI.

Common DataOps Challenges Solved

Teams hit these roadblocks—DataOps services clear them:

* Data Silos: Unified pipelines connect sources.
* Quality Issues: Automated tests block bad data.
* Slow Processing: Parallel jobs speed delivery.
* Scaling Pain: Cloud-native designs grow easily.
* Team Friction: Shared tools improve collaboration.

Solve 80% of data pains quickly.

Real Client Success Stories

Companies transformed their data ops:

* Healthcare Provider: Cut reporting time from days to minutes.
* Finance Firm: Achieved 99.9% data accuracy.
* E-commerce: Handled 10x traffic spikes seamlessly.
* Manufacturer: Saved 40% on cloud data costs.

Measurable wins across industries.

Building Your DataOps Roadmap

Start your journey with these steps:

1. Map current data flows completely.
2. Identify top 3 bottlenecks.
3. Pick 2-3 core tools.
4. Pilot on one dataset.
5. Train key team members.
6. Roll out enterprise-wide.
7. Measure and iterate monthly.

Quick wins build momentum.

Measuring DataOps Services Success

Track these key metrics:

* Pipeline uptime percentage.
* Data freshness (age of latest data).
* Processing time reduction.
* Error rates before/after.
* Cost per terabyte processed.
* Team productivity gains.

Aim for 30% improvement quarterly.

Getting Started Simple Process

Onboarding takes weeks not months.

1. Share your data challenges.
2. Define success metrics.
3. Choose starter tools.
4. Build proof-of-concept pipeline.
5. Train your core team.
6. Go live with confidence.

No long contracts required.

Conclusion and Overview

DataOps services unlock data’s true power through automation and collaboration. From pipeline reliability to real-time insights, they future-proof data operations. Partner with experts for fastest results.

Overview: Complete guide covering DataOps benefits, tools, workflows, challenges, metrics, success stories, and implementation steps. Essential for modern data teams.

Contact Details:
Email: [email protected]
Phone & WhatsApp (India): +91 7004 215 841
Phone & WhatsApp (USA): +1 (469) 756-6329
DevOpsSchool
-
App Store Search Results to Show More Ads Next Year, Says Apple
Apple will next year introduce more ads in the App Store "to increase opportunity" in search results, the company has announced.

According to an update to Apple's Ads website, additional ads will appear across search queries, appearing at the top as well as further down in App Store results, and existing campaigns won't need to do anything to be eligible.

Search is the way most people find and download apps on the App Store, with nearly 65 percent of downloads happening directly after a search. To help give advertisers more opportunities to drive downloads from search results, Apple Ads will introduce additional ads across search queries.

You don't need to change your campaign in order to be eligible for any new positions. Your ad will run in either the existing position — at the top of search results — or further down in search results. If you have a search results campaign running, your ad will be automatically eligible for all available positions, but you can't select or bid for a particular one.

Apple explains that the ad format will remain the same – a default or custom product page, and an optional deep link. Advertisers and developers won't see a change in their billing, which will remain based on Apple's cost-per-tap model, so developers only pay when a user taps on an ad.

Apple displays ads based on a combination of bid amount and an app's relevance to the search query, with ad matching done automatically.

The new App Store ads will appear on devices running iOS 26.2 and later from the beginning of 2026. For further details, check out Apple's Ads website.

(Via 9to5Mac.)

This article, "App Store Search Results to Show More Ads Next Year, Says Apple" first appeared on MacRumors.com
-
A Strategic Approach to DevOps Interviewing and Hiring
DevOps interviewing, hiring and assessments help teams find skilled engineers quickly. Wrong hires cost time and money in fast-paced projects. Companies use DevOps interviewing, hiring and assessments to build strong teams.

Good assessments test real skills, not just resumes. They cover tools, problem-solving, and teamwork. This ensures new hires succeed from day one.

Why DevOps Hiring Needs Special Care

DevOps roles mix coding, operations, and automation. Traditional interviews miss these skills. Candidates talk big but struggle in practice.

Teams waste months on bad fits. Projects delay. Budgets overrun. Proper DevOps interviewing, hiring and assessments fix this.

Real tests show who can deploy pipelines or fix outages. Experience matters more than certificates.

Key Skills Every DevOps Hire Must Have

Focus on hands-on abilities during assessments.

* CI/CD pipeline building with Jenkins or GitLab.
* Infrastructure as code using Terraform.
* Container management with Docker and Kubernetes.
* Monitoring setup with Prometheus.
* Cloud platforms like AWS or Azure.
* Scripting in Python or Bash.
* Git workflows and branching strategies.
* Security basics for secure deployments.

Look for problem-solvers who explain their thinking.

Best DevOps Interview Questions by Level

Tailor questions to experience. Here’s a breakdown.

| Level | Sample Question | What It Tests |
| Junior | Explain Git merge vs rebase | Version control basics |
| Mid | Build a simple CI pipeline | Automation workflow |
| Senior | Design zero-downtime deployment | Architecture thinking |
| Architect | Scale Kubernetes for 1M users | System design |

Use coding challenges and take-home projects too.

Practical Assessment Methods That Work

Theory questions bore candidates. Real tasks reveal true skills.

* Live Coding: Build a pipeline in 60 minutes.
* Architecture Diagrams: Draw multi-region setup.
* Troubleshooting: Fix broken Kubernetes cluster.
* Pair Programming: Work on deployment script together.
* Case Studies: Discuss past outage they fixed.

Time these realistically. Watch how they approach problems.

Common Hiring Mistakes to Avoid

Many teams repeat these errors.

* Resume Focus: Degrees over skills waste time.
* No Hands-On: Talkers pass, doers fail later.
* Wrong Tools: Test only company stack limits talent.
* Solo Interviews: One opinion misses team fit.
* No Culture Check: Technical stars disrupt teams.

Fix with structured DevOps interviewing, hiring and assessments processes.

DevOpsSchool: Top Hiring Assessment Platform

DevOpsSchool leads in DevOps training, certifications, and hiring services. They help companies assess candidates accurately worldwide.

Key offerings:

* Custom interview kits for all levels.
* Certified proctors for remote tests.
* Skill benchmarks against industry standards.
* Training for internal hiring teams.
* Placement services connecting talent to jobs.
* Lifetime access to assessment libraries.

Thousands of teams trust them for reliable hires.

Rajesh Kumar’s Proven Mentorship

Services guided by Rajesh Kumar, trainer with 20+ years in DevOps, DevSecOps, SRE, Kubernetes, cloud across Fortune 500. Trained 50,000+ professionals globally.

Rajesh designs assessments from real production scenarios. His questions test what matters in live environments. Candidates learn even if they don’t pass.

Real Client Success Stories

Teams share hiring wins:

* Tech Startup: Hired 10 engineers in 2 weeks. Zero failures in first quarter.
* Bank: Reduced bad hires by 80% with skill tests.
* E-commerce: Built team handling Black Friday traffic perfectly.
* SaaS Company: Architects designed scalable systems day one.

Results prove the assessment power.

10 Essential DevOps Hiring Keywords

DevOps assessments, technical interviews, hiring tests, skill evaluations, candidate screening, pipeline challenges, Kubernetes interviews, CI/CD assessments, cloud certifications, SRE hiring.

Assessment Plan Comparison

Pick the right package.

| Plan | Features | Duration | Best For |
| Basic | 50 questions, 1-hour test | 1 week | Small teams |
| Pro | Live proctoring, coding tasks | 2 weeks | Mid-size |
| Enterprise | Custom design, benchmarks | 4 weeks | Large scale |

Start with Pro for best value.

Building Your Own Assessment Framework

Create effective processes step by step.

1. Define role requirements clearly.
2. Mix theory, practical, behavioral questions.
3. Use scoring rubrics for fairness.
4. Test diverse candidates.
5. Follow up with team feedback.
6. Refine based on hire success rates.

Tools for Remote DevOps Interviews

Modern hiring happens online. Great tools make it smooth.

* CoderPad: Live coding with interviewer.
* HackerRank: Automated skill tests.
* Katalon: Browser automation checks.
* Excalidraw: Real-time diagramming.
* Zoom + Screen Share: Full visibility.

Combine for complete evaluation.

Legal and Fair Hiring Practices

Avoid bias and comply with laws.

* Blind resumes during screening.
* Standardize questions for all.
* Document decisions clearly.
* Train interviewers on fairness.
* Accommodate disabilities.

Build diverse high-performing teams.

Measuring Assessment Success

Track if tests predict good hires.

Metrics to watch:

* Time to hire vs quality.
* 90-day retention rates.
* First project success.
* Manager satisfaction scores.
* Cost per effective hire.

Adjust tests based on data.

Getting Started with Professional Help

Ready to improve hiring? Simple steps.

1. List current pain points.
2. Choose assessment partner.
3. Pilot with 5 candidates.
4. Scale to full process.
5. Train internal team.

Expert help speeds results.

Conclusion and Overview

DevOps interviewing, hiring and assessments build teams that deliver reliably. From skill tests to cultural fit, structured processes save time and money. Partner with proven experts for top talent.

Overview: Complete hiring guide covering questions, methods, tools, mistakes, metrics, and frameworks. Essential for DevOps team building.

Contact Details:
Email: [email protected]
Phone & WhatsApp (India): +91 7004 215 841
Phone & WhatsApp (USA): +1 (469) 756-6329
DevOpsSchool
-
Automate Your Pipeline with Reliable GitOps as a Service
GitOps as a Service turns Git into your single source of truth for cloud changes. It ends manual deployment chaos with automatic syncs. Companies pick GitOps as a Service for reliable, fast operations. Microservices and Kubernetes need constant updates. Traditional methods cause config drift and errors. GitOps uses pull requests and YAML for safe automation. Rollbacks? Just git revert. Teams collaborate through code reviews. Expect 5x faster releases and 70% fewer failures.

What GitOps Really Means

Think of Git as your single source of truth for all changes. GitOps takes this idea and applies it to cloud infrastructure and app deployments. Instead of manual clicks in dashboards, every update lives in Git repositories that tools watch automatically.

This approach shines in Kubernetes environments where microservices need constant updates. Changes get reviewed via pull requests, tested, and applied without human touch. Rollbacks become simple Git reverts, saving hours of debugging.

Teams love it because everyone works the same way—developers, ops, security all collaborate through code. No more “it works on my machine” problems since environments match Git exactly.

Why GitOps Beats Traditional Methods

Old deployment ways rely on scripts scattered everywhere. One wrong change breaks production. GitOps fixes this with declarative configs everyone can read.

Key wins include better visibility into who changed what, automatic previews before live changes, and audit trails for compliance. It reduces deployment failures by 70% according to real user reports.

Businesses save money too—fewer outages mean steady revenue. Scaling becomes pushing a commit instead of calling the ops team at 2 AM.

Core Benefits Everyone Notices

GitOps delivers quick value teams feel daily.

- Faster releases through automated pipelines.
- Fewer mistakes since code reviews catch issues.
- Easy rollbacks with Git history.
- Team alignment—everyone uses the same process.
- Cost control with optimized cloud usage.
- Compliance ready with full change logs.

| Traditional Ops | GitOps Approach | Real Impact |
| --- | --- | --- |
| Manual dashboard clicks | Git pull requests | 5x faster deployments |
| Script-based configs | Declarative YAML | Zero config drift |
| Phone calls for rollbacks | Git revert | 2-minute recovery |
| Siloed teams | Code reviews | Better collaboration |

Popular GitOps Tools Breakdown

Several tools make GitOps real. Here’s what works best.

- ArgoCD: Kubernetes native, great for complex apps. Shows live vs desired state visually.
- Flux: Lightweight, runs inside clusters. Handles Helm charts perfectly.
- Jenkins X: Full CI/CD with GitOps baked in. Preview environments shine.

Each tool syncs Git repos to clusters automatically. Choose based on your stack size.

| Tool | Best For | Learning Curve | Community Support |
| --- | --- | --- | --- |
| ArgoCD | Enterprise K8s | Medium | Excellent |
| Flux | Small teams | Easy | Growing |
| Jenkins X | Java shops | Steep | Mature |

GitOps Workflow Step by Step

Getting started follows simple steps anyone can follow.

1. Store all configs in Git (deployments, services, etc).
2. Set up a GitOps operator like ArgoCD.
3. Connect it to your Git repo and cluster.
4. Developers create PRs for changes.
5. Operator applies approved changes automatically.
6. Monitor drift and health in dashboard.

This creates a self-healing system. Changes either apply or show exactly why they fail.

Real World GitOps Success Stories

E-commerce sites cut feature time-to-market by 30% with GitOps. SaaS companies saved 50% on cloud bills through auto-optimization. Healthcare teams aligned dev and ops completely.

One client went from weekly manual deploys to 50+ daily automations. Another reduced incident response from hours to minutes via Git reverts.

DevOpsSchool: Leading GitOps Experts

DevOpsSchool stands out as the top platform for GitOps training and services worldwide. They offer hands-on workshops, certification paths, and real project labs covering ArgoCD, Flux, and full pipelines.

Standout features:

- Lifetime LMS access with video tutorials and updates.
- Live sessions from production experts.
- Certifications for Kubernetes, GitOps, cloud platforms.
- Job ready skills with resume reviews.
- Active forums and weekly doubt clearing.
- Free tools like mindmaps and cheat sheets.

Professionals from startups to Fortune 500 trust their practical approach over theory.

Rajesh Kumar’s Expert Mentorship

Programs run under Rajesh Kumar, a trainer with 20+ years mastering GitOps, DevOps, DevSecOps, SRE, DataOps, AIOps, MLOps, Kubernetes, and cloud across global enterprises. He’s trained over 50,000 people worldwide.

Rajesh shares Fortune 500 battle stories that make complex topics simple. His hands-on demos focus on production pitfalls most trainers miss. Learners gain confidence handling real cluster issues from day one.

Participant Feedback Speaks Volumes

Real users share their wins:

- Abhinav Gupta, Pune: “Training built real confidence. Rajesh cleared every doubt practically.” (5.0)
- Indrayani, India: “Hands-on sessions made GitOps stick forever.” (5.0)
- Ravi Daur, Noida: “Practical coverage perfect for daily work.” (5.0)
- Sumit Kulkarni: “Monitoring tools explained with real examples.” (5.0)
- Vinayakumar, Bangalore: “Deep knowledge shared exceeded expectations.” (5.0)

Perfect scores show the training transforms careers.

10 Must-Know GitOps Keywords

GitOps services, ArgoCD implementation, Flux automation, Kubernetes GitOps, cloud-native deployments, CI/CD pipelines, declarative infrastructure, drift detection, pull request workflows, continuous sync.

GitOps Service Plans Comparison

Choose the right fit for your team.

| Plan | Scope | Delivery Time | Best For |
| --- | --- | --- | --- |
| Starter | Basic ArgoCD setup | 2 weeks | Small teams |
| Professional | Full pipeline + training | 4 weeks | Growing apps |
| Enterprise | Multi-cluster + support | 6 weeks | Large scale |

Most start professional and scale up.

Common GitOps Challenges Solved

Teams face hurdles—here’s how GitOps fixes them:

- Config Drift: Live vs Git mismatch—operator syncs automatically.
- Slow Releases: Manual gates—PR automation speeds 10x.
- Rollback Fear: Complex procedures—Git revert instant.
- Team Blame: Unknown changes—Git history clear.

These solve 80% of deployment pains overnight.

Getting Started Simple Steps

Onboarding takes days not months.

1. Share current setup details.
2. Define key goals (speed, cost, reliability).
3. Team picks tool (ArgoCD recommended).
4. We build proof-of-concept in your cluster.
5. Train team and hand over running system.

Flexible payments, no lock-in contracts.

Conclusion and Overview

GitOps as a Service delivers automated, reliable cloud management through Git simplicity. From drift-free clusters to lightning deploys, it future-proofs operations. Pair with expert guidance for fastest results.

Overview: Complete guide with workflows, tools, benefits, comparisons, feedback, and startup steps. Essential for modern cloud teams.

Contact Details:
Email: [email protected]
Phone & WhatsApp (India): +91 7004 215 841
Phone & WhatsApp (USA): +1 (469) 756-6329
DevOpsSchool
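The drift detection and self-healing this post describes, as an added example that is not part of the original post and is not ArgoCD's or Flux's actual code: a simplified Python model that compares the manifest stored in Git with the live object, ignores fields the API server writes, and re-applies the declared fields. The manifest, names and values are constructed, and the rule that Git owns only the fields it declares is an assumption of this model.

```python
import copy
from typing import Any, NamedTuple

# Fields the API server writes itself; they never live in Git, so they are not drift.
SERVER_MANAGED = {
    "metadata.resourceVersion", "metadata.uid", "metadata.generation",
    "metadata.creationTimestamp", "metadata.managedFields", "status",
}


class Drift(NamedTuple):
    path: str
    kind: str      # "changed", "missing-in-cluster" or "not-in-git"
    desired: Any
    live: Any


def _diff(desired: Any, live: Any, path: str, strict: bool, out: list) -> None:
    if isinstance(desired, dict) and isinstance(live, dict):
        # Default mode checks only fields Git declares, so defaults added by
        # the API server are not noise. Strict mode also reports extra fields.
        keys = set(desired) | (set(live) if strict else set())
        for key in sorted(keys):
            sub = f"{path}.{key}" if path else key
            if sub in SERVER_MANAGED:
                continue
            if key not in live:
                out.append(Drift(sub, "missing-in-cluster", desired[key], None))
            elif key not in desired:
                out.append(Drift(sub, "not-in-git", None, live[key]))
            else:
                _diff(desired[key], live[key], sub, strict, out)
    elif isinstance(desired, list) and isinstance(live, list) and len(desired) == len(live):
        for i, (d, l) in enumerate(zip(desired, live)):
            _diff(d, l, f"{path}.{i}", strict, out)
    elif desired != live:
        out.append(Drift(path, "changed", desired, live))


def detect_drift(desired: dict, live: dict, strict: bool = False) -> list:
    """Return every place where the cluster no longer matches Git."""
    out: list = []
    _diff(desired, live, "", strict, out)
    return out


def _merge(desired: Any, live: Any) -> Any:
    if isinstance(desired, dict) and isinstance(live, dict):
        merged = dict(live)  # keep server-managed and defaulted fields
        for key, value in desired.items():
            merged[key] = _merge(value, live[key]) if key in live else copy.deepcopy(value)
        return merged
    if isinstance(desired, list) and isinstance(live, list) and len(desired) == len(live):
        return [_merge(d, l) for d, l in zip(desired, live)]
    return copy.deepcopy(desired)


def reconcile(desired: dict, live: dict) -> dict:
    """Model of self-healing: declared fields are forced back to the Git values."""
    return _merge(desired, live)


# Constructed manifest, standing in for a file committed to the Git repository.
DESIRED = {
    "apiVersion": "apps/v1",
    "kind": "Deployment",
    "metadata": {"name": "checkout", "namespace": "shop"},
    "spec": {"replicas": 3, "template": {"spec": {"containers": [{
        "name": "checkout",
        "image": "registry.example/checkout:1.4.2",
        "securityContext": {"privileged": False},
    }]}}},
}


def constructed_live_state() -> dict:
    """Constructed cluster state after two out-of-band changes."""
    live = copy.deepcopy(DESIRED)
    live["metadata"].update(resourceVersion="48211", uid="constructed-uid")
    live["status"] = {"readyReplicas": 5}
    live["spec"]["replicas"] = 5                      # manual scale-up
    container = live["spec"]["template"]["spec"]["containers"][0]
    container["securityContext"]["privileged"] = True  # unreviewed privilege change
    container["imagePullPolicy"] = "IfNotPresent"      # default added by the API server
    return live


if __name__ == "__main__":
    for finding in detect_drift(DESIRED, constructed_live_state()):
        print(finding)
```

The privileged-container finding is the kind of change that bypasses pull request review, which is why drift alerts are worth routing to the security team as well as to operations.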
-
Elevate Performance Through Our Dedicated Support Services
Support services keep your tech systems running smoothly without interruptions, handling everything from sudden crashes to performance slowdowns. They provide expert help for DevOps, cloud infrastructure, and modern operations challenges that can halt business progress. Businesses rely on reliable support services to maintain performance, fix issues fast, and ensure systems scale as demands grow.

What Makes Support Services Essential

Every company faces technical hurdles that slow down work, whether it’s a failed deployment at midnight or a cloud bill spiking unexpectedly. Support services act as your safety net, offering 24/7 monitoring, proactive troubleshooting, and quick fixes for CI/CD pipelines, cloud setups, and complex infrastructure. They ensure your operations stay reliable even during peak traffic or unexpected failures, preventing small glitches from becoming major crises.

Without proper support, small problems turn into big outages that cost thousands in lost revenue and team frustration. Teams waste time troubleshooting instead of building new features or serving customers. Good support frees your staff to focus on growth while certified experts handle the technical heavy lifting, applying years of real-world experience to resolve issues faster than internal teams could alone.

These services cover post-setup maintenance, ongoing improvements, and even strategic advice for future-proofing your stack. They adapt as your business grows, keeping systems scalable, secure, and cost-effective through regular audits and optimizations.

Key Areas Covered by Our Support Services

Modern operations need specialized help across multiple domains. Here’s what typical support handles in detail, tailored to your specific environment.

- DevOps pipelines and automation workflows, including Jenkins, GitLab CI, and custom scripts.
- Security checks in DevSecOps environments with vulnerability scanning and compliance audits.
- Site reliability engineering for high availability, focusing on SLOs and error budgets.
- Machine learning operations (MLOps) deployments, from model training to inference serving.
- AI-driven operations (AIOps) monitoring for predictive analytics and anomaly detection.
- Data pipeline management (DataOps) ensuring data quality and ETL reliability.
- Kubernetes cluster optimization, including pod scaling and networking troubleshooting.
- Cloud platforms like AWS, Azure with resource management and cost governance.
- GitOps for version-controlled deployments using tools like ArgoCD and Flux.
- Cost optimization in FinOps through detailed billing analysis and rightsizing.

Each area gets tailored attention from specialists who understand real-world setups, common pain points, and industry best practices, ensuring solutions fit your unique workflow.

Benefits of Professional Support

Investing in support pays off quickly through measurable improvements in reliability and efficiency.

- Reduced downtime through proactive monitoring that catches issues before users notice.
- Faster issue resolution with expert knowledge, often cutting fix times from days to hours.
- Cost savings from optimized resources like auto-scaling groups and unused instance cleanup.
- Better team focus on core business tasks instead of firefighting infrastructure problems.
- Scalable solutions that grow seamlessly with your business expansion.
- Compliance and security assurance with regular audits and patch management.

Companies report 40-60% fewer unplanned outages after implementing support, along with significant productivity gains as developers spend less time on ops tasks. Teams also gain confidence knowing backup expertise is always available.

| Benefit | Impact | Example |
| --- | --- | --- |
| 24/7 Monitoring | 50% less downtime | Alert on pipeline failures before users notice, auto-remediation scripts |
| Expert Troubleshooting | 3x faster fixes | Kubernetes pod crashes resolved in minutes with detailed root cause analysis |
| Performance Optimization | 30% cost reduction | AWS resource rightsizing, Lambda cold start elimination |
| Security Audits | Zero major breaches | DevSecOps vulnerability scans with automated fix recommendations |

DevOps Support in Detail

DevOps support focuses on continuous delivery and collaboration between development and operations. Experts monitor Jenkins, GitLab CI, CircleCI, and deployment pipelines around the clock, catching failures early.

Common tasks include pipeline debugging and optimization for faster builds, environment consistency across dev/staging/prod stages, integration with monitoring tools like Prometheus and Grafana, and rollback strategies for failed releases. During high-pressure release cycles, support provides hands-on help to ensure smooth deployments without weekend firefights or emergency escalations.

DevSecOps and SRE Support

Security can’t wait until after deployment. DevSecOps support scans code, containers, and infrastructure for vulnerabilities using tools like Snyk and Trivy, while ensuring compliance with standards like SOC2 or GDPR.

SRE support maintains 99.9% uptime targets through error budgets, reliability SLOs, incident response playbooks, capacity planning for traffic spikes, and even chaos engineering experiments to test system resilience. Both services prevent issues before they impact customers, combining proactive measures with rapid response capabilities for true operational excellence.

Cloud and Container Support

Cloud migration brings new challenges like cost overruns and configuration drift. Support for AWS, Azure, GCP, and Kubernetes handles day-to-day operations with deep platform expertise.

| Cloud Service | Common Support Needs | Tools Covered |
| --- | --- | --- |
| AWS | EC2 scaling, Lambda debugging, EKS clusters, VPC networking | CloudWatch, X-Ray, Cost Explorer |
| Azure | AKS management, App Services, CosmosDB scaling | Azure Monitor, Log Analytics |
| Kubernetes | Pod scheduling, Helm charts, Istio service mesh, storage classes | kubectl, k9s, Lens |

Experts optimize costs and performance daily through automated alerts and governance policies.

Emerging Ops Support: MLOps, AIOps, DataOps

New operational fields need equally specialized care to bridge experimentation and production.

- MLOps: Model training pipelines, versioning with MLflow, serving with KServe or Seldon.
- AIOps: AI-powered anomaly detection using tools like Dynatrace or Splunk, predictive alerting.
- DataOps: ETL pipeline reliability with Airflow, data quality checks using Great Expectations.
- GitOps/FinOps: Git-driven deployments with ArgoCD, cloud cost governance via CloudHealth.
- NoOps: Serverless architectures minimizing manual ops interventions.

Support bridges the gap between proof-of-concepts and production reality, ensuring these advanced practices deliver business value.

Why DevOpsSchool Stands Out

DevOpsSchool leads as a top platform for training and support in DevOps ecosystems, serving thousands of professionals worldwide. They offer hands-on courses, industry-recognized certifications, and real project experience that build immediately applicable skills for modern operations roles.

Key strengths include lifetime access to comprehensive learning materials and LMS platforms, live interactive sessions with practicing engineers, certification prep for AWS, Kubernetes, Azure, and DevOps Institute credentials, job placement assistance with resume reviews and mock interviews, active community forums for ongoing peer support, and practical tools like mindmaps, cheat sheets, interactive labs, and deployment sandboxes.

Thousands of professionals trust their programs for career growth, with alumni working at Fortune 500 companies and high-growth startups alike.

Mentorship by Rajesh Kumar

All programs feature guidance from Rajesh Kumar, a trainer with over 20 years mastering DevOps, DevSecOps, SRE, DataOps, AIOps, MLOps, Kubernetes, and multi-cloud technologies across major enterprises. He has trained 50,000+ learners worldwide, from fresh graduates to senior architects.

Rajesh brings Fortune 500 experience to every session, teaching through real-world war stories, hands-on demos, and practical troubleshooting scenarios. Participants praise his clear explanations that simplify complex distributed systems topics, his focus on job-ready skills that address actual production challenges, and his patient approach that builds lasting confidence in handling critical infrastructure.

Real Participant Feedback

Don’t take our word—hear from actual users who transformed their careers.

- Abhinav Gupta, Pune: “Training built confidence. Rajesh resolved all doubts effectively with practical examples.” (5.0 stars)
- Indrayani, India: “Hands-on examples made concepts stick permanently. Very interactive sessions.” (5.0 stars)
- Ravi Daur, Noida: “Good coverage of basics with practical sessions. Queries answered thoroughly.” (5.0 stars)
- Sumit Kulkarni, Software Engineer: “Very helpful for understanding monitoring tools and implementation details.” (5.0 stars)
- Vinayakumar, Project Manager, Bangalore: “Appreciate the deep knowledge shared. Training exceeded expectations.” (5.0 stars)

Consistent 5-star ratings across platforms reflect the genuine impact on professional growth.

10 Essential Keywords for Support Success

DevOps support, SRE services, DevSecOps consulting, MLOps implementation, AIOps monitoring, Kubernetes support, cloud operations help, GitOps automation, FinOps optimization strategies, DataOps pipelines management.

Choosing the Right Support Plan

Select based on your maturity level and business needs. Start small, scale as complexity grows.

| Plan Level | Coverage | Response Time | Best For | Includes |
| --- | --- | --- | --- | --- |
| Basic | Email/Ticket Support | 24 hours | Small teams, non-critical systems | Monthly health checks |
| Standard | Phone + Email + Chat | 4 hours | Growing startups, production apps | Daily monitoring + weekly reports |
| Premium | 24/7 Phone + Live Sessions + Dedicated Engineer | <1 hour | Enterprise production, mission-critical | Custom integrations + quarterly audits |

Most businesses start with standard coverage and upgrade as they scale.

Common Support Scenarios

Real examples demonstrate tangible value every day:

- Pipeline Failure: CI/CD stuck during peak hours—fixed in 30 minutes with root cause analysis and prevention playbook.
- Cluster Overload: Kubernetes nodes crashing under traffic spike—safely scaled with Horizontal Pod Autoscaler tweaks.
- Cost Explosion: AWS bill doubled unexpectedly—optimized 35% through rightsizing and reserved instances.
- Security Alert: Critical vulnerability scan failure—patched overnight with zero downtime rollout.

Support handles these scenarios routinely, saving weeks of internal team effort and preventing revenue loss.

Getting Started with Support

The onboarding process ensures quick value realization with minimal disruption.

1. Share your current environment details via secure portal (no sensitive data needed initially).
2. Define key pain points and success metrics during free consultation call.
3. Choose support mode (phone, email, live sessions, or dedicated Slack channel).
4. Experts assess setup and propose customized 30-day action plan.
5. Start monitoring and proactive fixes immediately with daily progress updates.

No long-term contracts required—flexible monthly terms with easy scaling options.

Conclusion and Overview

Our Support Services deliver peace of mind for complex, always-on tech stacks across DevOps, cloud, and emerging operations practices. From preventing pipeline failures to optimizing cloud spend, expert help keeps your business moving forward without technical roadblocks. Combine professional support with targeted training for sustainable operational excellence.

Overview: Detailed guide covering all major support domains (DevOps to FinOps), quantifiable benefits, participant testimonials, plan comparisons, real scenarios, and simple onboarding—essential reading for reliable, scalable operations.

Contact Details:
Email: [email protected]
Phone & WhatsApp (India): +91 7004 215 841
Phone & WhatsApp (USA): +1 (469) 756-6329
DevOpsSchool
-
Transform Hiring Using Expert Coding Assessments and Solutions
Coding assessments challenge tech candidates with timed problem-solving on algorithms and data structures. They reveal who can code efficiently under pressure. Access to quality coding assessments with solutions makes preparation straightforward and effective.

Why Coding Assessments Are Crucial

Companies rely on these tests to filter top talent quickly. Platforms like LeetCode, HackerRank, and Codility host problems testing real skills. Developers face array manipulations while DevOps roles include scripting challenges.

Success rates improve dramatically with practice. Many candidates fail initially due to poor time management or overlooked edge cases. Regular solving builds pattern recognition and speed essential for interviews.

These assessments mirror job demands—clean code, optimal solutions, and logical thinking. Mastering them opens doors to roles at leading firms.

Essential Topics Breakdown

Target these high-yield areas covering most tests.

- Arrays: Two Sum, rotate, maximum subarray.
- Strings: Palindromes, anagrams, longest substring.
- Linked Lists: Reverse, merge k lists, cycle detection.
- Stacks/Queues: Valid parentheses, min stack.
- Trees/Graphs: Inorder traversal, clone graph.
- Sorting/Searching: Merge sort, binary search trees.
- Dynamic Programming: Climbing stairs, longest increasing subsequence.

Study time/space complexity. O(1) space solutions impress interviewers. Aim for 30 problems per category.

Structured 4-Week Prep Plan

Follow this proven roadmap for results.

- Week 1: Master basics—10 easy problems daily.
- Week 2: Medium challenges—8 problems with reviews.
- Week 3: Hard problems—6 daily plus optimizations.
- Week 4: Full mock tests—3 weekly, deep analysis.

Maintain a mistake journal. Review weekly to spot weaknesses.

| Week | Daily Focus | Problem Count | Key Platforms |
| --- | --- | --- | --- |
| 1 | Arrays/Strings | 10 Easy | LeetCode, GeeksforGeeks |
| 2 | Lists/Stacks | 8 Medium | HackerRank |
| 3 | Trees/DP/Graphs | 6 Hard | Codewars |
| 4 | Mock Tests | 2 Full | Pramp, Interviewing.io |

Hands-On Problem Solutions

Practical examples with explanations.

Problem 1: Two Sum

Find two numbers adding to target.

```python
def twoSum(nums, target):
    # Map each value seen so far to its index.
    seen = {}
    for i, num in enumerate(nums):
        diff = target - num
        if diff in seen:
            return [seen[diff], i]
        seen[num] = i
    return []  # no pair adds up to target
```

Input:, 6 →. Hashmap ensures O(n) time.

Problem 2: Valid Parentheses

```python
def isValid(s):
    stack = []
    pairs = {')': '(', '}': '{', ']': '['}
    for c in s:
        if c in pairs:
            # A closer must match the most recent unclosed opener.
            if not stack or stack.pop() != pairs[c]:
                return False
        else:
            stack.append(c)
    # Any opener left on the stack was never closed.
    return len(stack) == 0
```

Handles “({[]})” correctly. Stack tracks opens.

Problem 3: Rotate Array

Shift right by k steps.

```python
def rotate(nums, k):
    if not nums:
        return  # nothing to rotate; also avoids modulo by zero
    k %= len(nums)
    # Slice assignment updates the caller's list in place.
    nums[:] = nums[-k:] + nums[:-k]
```

Efficient single pass. Example:, k=2 →.

Problem 4: Container With Most Water

Max area between lines.

```python
def maxArea(height):
    left, right = 0, len(height) - 1
    max_area = 0
    while left < right:
        area = min(height[left], height[right]) * (right - left)
        max_area = max(max_area, area)
        # Move the shorter side inward; it is the one limiting the area.
        if height[left] < height[right]:
            left += 1
        else:
            right -= 1
    return max_area
```

Two pointers optimize to O(n). More solutions at coding assessments with solutions.

Test-Day Success Tactics

Perform at peak.

1. Read full problem before coding.
2. Outline approach verbally/pseudocode.
3. Code top-down, test immediately.
4. Verify edge cases: empty, single element, max values.
5. Optimize only after working solution.

Stay composed. Explain trade-offs if live. Partial credit rewards logic.

DevOpsSchool Training Excellence

DevOpsSchool leads in practical DevOps and coding training. Comprehensive courses cover CI/CD, Kubernetes, cloud, and interview prep. Lifetime LMS access includes videos, labs, quizzes, and job resources.

Benefits include:

- Hands-on projects mirroring enterprise setups.
- Live doubt sessions with experts.
- Certification guidance for AWS, Azure, Docker.
- Placement support and resume optimization.
- Community forums for ongoing learning.

Graduates secure roles at top firms through proven methods.

Rajesh Kumar Mentorship

Programs feature Rajesh Kumar, 20+ year expert in DevOps, DevSecOps, SRE, DataOps, AIOps, MLOps, Kubernetes, and cloud. Trained 50,000+ professionals worldwide. His approach emphasizes practical coding for assessments and production.

Rajesh simplifies complexity with real examples from Fortune 500 projects. Focuses on job-ready skills.

Affordable Support Options

Expert assistance available.

| Mode | Duration | Price |
| --- | --- | --- |
| Phone/Email | Hourly | INR 4999/USD 100 |
| Live Sessions | 10 Hours | INR 50000/USD 1000 |

Key Practice Keywords

Coding challenges, algorithm problems, technical screening, interview coding, data structures quiz, logic puzzles, programming tests, hackerrank solutions, leetcode patterns, placement coding.

Conclusion and Overview

Coding assessments reward dedicated practice and smart strategies. Leverage resources like coding assessments with solutions alongside daily grinding for interview success.

Overview: Complete guide featuring prep plans, 4+ code solutions, tips, training insights, and support details to master assessments.

Contact Details:
Email: [email protected]
Phone & WhatsApp (India): +91 7004 215 841
Phone & WhatsApp (USA): +1 (469) 756-6329
DevOpsSchool
-
Russia's influence: criticism of gaps in cybersecurity
The Greens see the latest findings on Russian influence operations during the Bundestag election campaign as confirmation of their view that the current measures to protect parliamentary democracy are not sufficient. “That our democracy and its institutions are increasingly exposed to hybrid attacks by authoritarian regimes can no longer be disputed by anyone, at the latest since the recent and clear warnings from the heads of our intelligence services and the summoning of the Russian ambassador,” says the deputy chair of the Greens' parliamentary group in the Bundestag, Konstantin von Notz. The black-red coalition, he says, must finally take decisive action against this threatening combination of “persistently high vulnerability and growing dangers.”

Requirements only for the Bundestag administration, not parliament itself

Admittedly, he says, the governing parliamentary groups have revised the federal government's poor draft for implementing the European NIS-2 Directive on protecting critical infrastructure against cyberattacks so that it now also covers the federal administration and the administration of the Bundestag. The Bundestag itself, however, including the parliamentary groups and the members with their constituency offices, does not fall within its scope. It is “downright absurd” that the Bundestag, as the “heart of democracy,” has so far not been classified as critical infrastructure even though it has been attacked again and again for years, says the Green politician, who sits on the Bundestag committee that oversees the intelligence services.

EU NIS-2 Directive implemented

The law transposing the NIS-2 Directive into German law entered into force on 6 December. The law raises the cybersecurity requirements for the federal administration and for certain companies considered important to the community. These include, for example, telecommunications providers and energy suppliers. They are now subject to stricter IT security requirements and to an obligation to report significant security incidents to the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik).

Cyberattack and disinformation

The federal government accuses Russia of a massive cyberattack and of spreading false information during the most recent Bundestag election campaign, and last week threatened consequences as a result. The “targeted information manipulation” is part of a series of activities aimed at undermining trust in democratic institutions and processes in Germany, the Federal Foreign Office said. The Russian ambassador was therefore summoned to the ministry. Specifically, the federal government is convinced that two hybrid attacks can be attributed to the Russian military intelligence service GRU.

Air traffic control IT affected

First, according to the government, a cyberattack on Deutsche Flugsicherung (DFS) in August 2024 can be clearly attributed to the Russian hacker group “Fancy Bear” and to the GRU. Second, it can now be stated definitively that Russia, with the “Storm 1516” campaign, attempted “to influence and destabilize both the last Bundestag election and, on an ongoing basis, the internal affairs of the Federal Republic of Germany.” Ahead of the Bundestag election, the focus was on, among others, the Greens' lead candidate Robert Habeck and the then CDU/CSU chancellor candidate Friedrich Merz (CDU). To discredit them, false witness statements were produced and posted online, among other things, and websites with fabricated content were set up. (dpa/jm)
-
D&O liability protection rising for security leaders — unless you’re a midtier CISO
Smaller firms are far less likely than multinationals to protect their CISOs from personal liability for security breaches, according to a study by RSAC. Experts quizzed by CSO said the finding was concerning because without protection CISOs face legal and financial risk tied to decisions made in their role.

The vast majority (88%) of CISOs from Fortune 1000 firms are legally indemnified by their companies, but this figure drops to just 53% for CISOs from organizations with 500 or more employees, according to the survey by RSAC (formerly RSA Conference). Directors’ and officers’ (D&O) insurance is the most common indemnification vehicle for both groups, and 70% of the Fortune 1000 CISOs surveyed report being covered by it.

Kelly Rittenberry Culhane, co-founder of CM Law, told CSO the finding is a concern for security leaders and midsize employers alike, given that, midsize or multinational, organizations face similar risks.

“While the complexity and scale of operations may differ in a midsize company, the cybersecurity risks — ransomware, data breaches, regulatory compliance failures — are equally severe,” Rittenberry Culhane says. “Without indemnification, CISOs risk personal liability, which can deter highly qualified professionals from accepting these roles.”

As a result, midsize organizations put themselves at greater risk by not offering to protect from personal liability the top security leader they employ.

D&O for CISOs on the rise

CISOs have the potential for more than one safety net, the first of which is a company’s indemnification provisions — rules typically embedded in the company’s articles of incorporation and bylaws.

“The language of a company’s indemnification provisions must be properly worded — typically achieved by the general counsel and a board vote — to provide indemnification for a CISO equal to every other director or officer of a company,” explains John Peterson of World Insurance Associates, a provider of employment practice liability insurance.

The second safety net for a CISO is the D&O liability insurance policy procured by the CISO’s company through an insurance broker. Even when a company has D&O insurance in place, Peterson advises CISOs to review those policies to make sure they are covered as an “insured person.”

According to the latest IANS Research + Artico Search’s CISO Compensation Report, inclusion of CISOs in D&O insurance policies is increasing. More than 50% of CISOs in the US and Canada received this insurance benefit as part of their compensation package, according to the 2025 edition of the study. This figure is up from the 40% who said they received this protection in last year’s edition of the CISO Compensation Report.

One in 5 CISOs also reported to IANS Research that they have access to external counsel — typically for investigations or audits.

A question of indemnity

But Ryan Griffin, US cyber leader at insurance broker McGill and Partners, points out that the difference between D&O insurance and a direct indemnification agreement is often misunderstood.

“The most crucial tool for a CISO’s protection is the indemnification agreement with their employer,” Griffin explains. “The D&O policy is how the company pays to protect its officer, but the indemnification agreement is what actually legally guarantees that protection.”

Without a formal indemnification agreement, CISOs are at great risk, Griffin warns.

“They would be responsible for covering their own legal defense costs, forcing them to rely on personal savings or a personal umbrella insurance policy,” Griffin tells CSO. “Beyond the financial hit, their career could be severely damaged.”

Griffin adds: “An enforcement action, even if it’s ultimately dismissed, could result in penalties that bar them from serving as an officer for a public company for years, which seriously limits future job prospects.”

Blame game

Central to the issue as well is accountability, which almost always lands on the shoulders of the person perceived to be “in charge of security,” according to Kenrick Bagnall, president and co-founder of RB-Cyber Assurance.

“Whether that’s the CISO of a Fortune 500 company or the sole IT director of a 100-person manufacturing firm, when things go wrong, someone has to answer for it,” says Bagnall, a former detective constable with the Toronto Police Service.

The difference between a multinational and a midsize company isn’t the exposure, Bagnall says; it’s the resources. While enterprise CISOs often have access to legal teams and crisis PR advisors to help shield them, a midrange firm often has one or two people — possibly more — wearing multiple hats, like compliance, IT, and security all rolled into one.

This can become an issue because “regulators, customers, and even the courts won’t lower the expectations just because the company is smaller,” Bagnall says.

“Without legal protection, CISOs face significant personal and professional risk,” Bagnall said. “They can be blamed for systemic failures outside of their control — things like legacy systems that were never budgeted for replacement, or business units that refuse to adopt security controls because they’re ‘too disruptive.’”

SolarWinds case continues to cast lingering shadow

The SEC’s 2023 lawsuit against SolarWinds’ CISO Timothy Brown over allegations that he misled investors and failed to accurately report the vendor’s cybersecurity measures is far from an isolated case.

Even though the ultimate dismissal of this high-profile lawsuit eased immediate fears that many CISOs might be held personally liable for security incidents, the issue has far from gone away.

“Cybersecurity leaders are increasingly held accountable for breaches and their handling of incidents,” CM Law’s Rittenberry Culhane says. “Regulatory bodies, shareholders, and courts are naming CISOs in lawsuits — even when they acted in good faith.”

Midsize companies tend to have more limited legal and compliance resources, making indemnity insurance even more important as a potential safety net for security professionals employed by midrange firms.

“D&O insurance should always be obtained but that doesn’t always cover all the risk,” Rittenberry Culhane says.

Rittenberry Culhane, a former general counsel turned attorney whose practice specializes in advising corporations on risk management and insurance, offered CISOs a best practice checklist:

- Confirm CISO coverage under your D&O policy
- Review policy limits and exclusions for cyber-related claims
- Consider supplemental indemnification agreements for CISOs and security leaders
- Align indemnity provisions with incident response and disclosure policies

For more, see “Navigating personal liability: post data-breach recommendations for CISOs.”

Governance structures need revamping

The CISO role has evolved faster than the governance structures that protect it, according to RB-Cyber Assurance’s Bagnall.

“We now ask security leaders to be part strategist, part technologist, part crisis responder, and part scapegoat,” Bagnall says.
“Until organizations, especially midsized ones, recognize that and build legal and contractual protections accordingly, we’ll continue to see talented leaders hesitate to take on these roles, resulting in organizations of all sizes not getting the proper tech and information security guidance they need.” “The CISO isn’t just defending the network — they’re defending the business’s reputation, its trust, and its future,” Bagnall adds. “That responsibility deserves protection.” View the full article
-
Raspberry Pi used in attempt to take over ferry
A recent attack on a French ferry, in which an attacker reportedly plugged a tiny computer called a Raspberry Pi into the network in an attempt to break into the vessel’s operations, offers an important lesson for enterprise CISOs: one analyst estimated that half of all enterprises would likely be compromised by the same attack on their physical environment.

The ferry was “immobilized Saturday in the southern French port of Sète as it prepared to sail to Algeria” because of the attack attempt, according to a report from Bloomberg. The Raspberry Pi device “was paired with a cellular modem, enabling remote access to the ferry’s internal computer network and external connections.”

The good news was that the attack attempt was halted because of good security procedures onboard, the story said. “Investigators said segregation between office and operational networks, along with the absence of remote access to critical controls, prevented lateral movement and ruled out sabotage or hijacking scenarios.”

Enterprise controls ‘watching the wrong roads’

The question for enterprise cybersecurity executives is how well their land-based buildings — offices, stores, gas stations, bank branches, manufacturing facilities, and so forth — would have held up under a similar physical attack. Analysts and other security experts were not optimistic about how they would have fared.

“Most enterprise security programs are still built for the wrong kind of intruder. They are built for the person who breaks in, not the person who walks in. And the rogue device story is the clearest signal of that shift,” said Sanchit Vir Gogia, the chief analyst at Greyhound Research. “A Raspberry Pi class device with a cellular modem is not just a clever gadget, it is a way to create a new perimeter from inside your building.”

He pointed out that an attacker “does not have to fight your firewalls if they can step around them. They do not need to beat your VPN if they can bring their own internet connection into your wiring closet. That is the part that should keep CISOs awake, because it means a lot of the controls we celebrate are watching the wrong roads. If the traffic leaves through cellular, it does not cross your monitored gateways. Your SOC can be doing everything right and will still see nothing.”

Fred Chagnon, principal research director at Info-Tech Research Group, agreed with Gogia’s concerns.

“Most offices have dozens of live Ethernet ports in lobbies, under conference tables, and in hallways. These should be administratively disabled at the switch level by default. A port should only be activated when a specific, authorized MAC address is verified via 802.1X authentication,” Chagnon said.

He added, “modern threat actors use MAC Spoofing to make a Raspberry Pi look like a legitimate VoIP phone or printer. CISOs should invest in tools, like Sepio or advanced NACs, that perform physical layer fingerprinting. These tools analyze the electrical and timing characteristics of the hardware to detect if a ‘printer’ is actually a Linux-based implant.”

Chagnon also encouraged extensive use of port locks that require a key, and some type of tamper-evident tape over chassis and ports.

“Security sweeps should include looking for extra wires, unauthorized USB hubs, or small boxes that don’t match the asset inventory,” he added. “If a door to a restricted area is opened and a new, unknown device simultaneously appears on that local switch, the SOC should receive a high-priority correlated alert.”

Forrester Senior Analyst Paddy Harrington said that many enterprise security executives “forget how susceptible these things are to attack” and specifically pointed to IoT and OT devices as prime targets.

Too many security people, Harrington said, are looking at what shadow devices, such as fitness trackers, are supposed to do, and not focusing on the access the device could get as the start of a backdoor attack.

“You shouldn’t be able to walk up to an Ethernet port and plug in anything. That device needs to be authenticated,” Harrington said, adding that he estimates that 50% of all enterprises cut too many corners on device security. “Why should any IoT lightbulbs have access to financial data?” he asked.

When he confronts enterprise security leaders on physical security, he said, he gets pushback. For example, in a recent discussion about network segmentation, the executive told him, “To segment our environment to that degree is going to take a lot of time and effort, and we are redirecting our money elsewhere.”

Harrington said, “I’m sorry, but that is a poor excuse.”

However, one security executive, Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group, said that these types of physical attacks can be challenging to block.

“The proliferation of inexpensive and very capable single board computers such as the Raspberry Pi have made this problem much harder. Intrusion detection in the network should have detected behavioral anomalies, but that’s easier said than done if you have a large complex network and the Raspberry Pi looks like just another normal IoT device,” Villanustre pointed out. “And this is assuming that it was even connected to the network, rather than [to] some ancient serial bus in the ship’s control systems.”

Proceed with caution

Villanustre encouraged anyone discovering such a device to proceed cautiously.

“Disconnecting the device could result in losing important forensic information if not careful. It’s not too hard to equip the device with a tiny battery or supercapacitor that would give it enough time to wipe itself out if disconnected from the network or somehow tampered with,” Villanustre said. “Trying to send false information is even harder, because you would need to identify the protocols used by the device to know what to send. A bigger concern is if the device is connected to perhaps another device in the ship and could trigger a damaging action if tampered with. It could even detonate explosives.”

Whisper Security CEO Kaveh Ranjibar added that his advice for dealing with this kind of physical discovery is “immediate isolation and forensic analysis, but with one critical step before physical removal: map the blast radius. Before you pull the plug, capture the device’s network traffic. Who is it talking to? What domains is it querying?”

“Using infrastructure intelligence, you can often attribute the actor based on the neighborhood of the command-and-control servers they use, allowing you to understand if this is a script kiddie or a GRU operation before you touch the hardware,” Ranjibar said.

Ranjibar said that when such devices phone home, they may reveal a lot of usable information.

“A rogue device like a Raspberry Pi, even with a cellular modem, isn’t invisible. It has to phone home to receive commands or exfiltrate data. It creates an infrastructure footprint: a new IP address, a DNS resolution or a connection to a specific Autonomous System Number (ASN),” Ranjibar said.

“CISOs need to move beyond just monitoring their internal LAN,” he added. “They need continuous external infrastructure monitoring. If a device on your vessel or in your building starts communicating with a network block known for hosting state-sponsored malware, or if a new shadow asset appears on your perimeter, that is your tripwire. You might not catch the person planting the device, but you should instantly catch the device when it connects to the internet.”

View the full article
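The correlated alert Chagnon describes (a restricted door opens, then an unknown device appears on the local switch) can be sketched as follows. This is an added example, not code from the article or from any product it names; the log format, door-to-switch map, inventory and MAC addresses are all constructed assumptions. It goes one step beyond the quote by also flagging an inventoried MAC that shows up on a port other than its recorded one, a cheap check for the MAC spoofing he mentions.

```python
from datetime import datetime, timedelta

# Everything below is constructed for illustration: log format, names, MACs.
# Asset inventory: MAC -> (switch, port) where the device is recorded to live.
INVENTORY = {
    "02:00:00:00:10:01": ("sw-closet-2", "Gi1/0/3"),  # printer
    "02:00:00:00:10:02": ("sw-lobby-1", "Gi1/0/7"),   # VoIP phone
}
# Which access switch sits behind which restricted door.
DOOR_TO_SWITCH = {"wiring-closet-2": "sw-closet-2", "lobby-riser": "sw-lobby-1"}
# How long after a door opens a newly seen device is treated as related.
WINDOW = timedelta(minutes=10)

SAMPLE_LOG = """\
2025-01-01T09:58:12Z source=door door=wiring-closet-2 event=opened badge=B1042
2025-01-01T10:01:40Z source=switch switch=sw-closet-2 port=Gi1/0/14 event=mac-learned mac=02:00:00:AA:BB:01
2025-01-01T11:30:00Z source=switch switch=sw-lobby-1 port=Gi1/0/9 event=mac-learned mac=02:00:00:aa:bb:02
2025-01-01T12:00:00Z source=switch switch=sw-closet-2 port=Gi1/0/3 event=mac-learned mac=02:00:00:00:10:01
2025-01-01T13:15:00Z source=door door=lobby-riser event=opened badge=B2001
2025-01-01T13:17:30Z source=switch switch=sw-lobby-1 port=Gi1/0/12 event=mac-learned mac=02:00:00:00:10:01
garbage line without fields
""".splitlines()


def parse_line(line):
    """Return a dict of key=value fields plus a parsed 'ts', or None if malformed."""
    parts = line.split()
    if len(parts) < 2:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    fields["ts"] = ts
    return fields


def correlate(lines, inventory=INVENTORY, door_to_switch=DOOR_TO_SWITCH, window=WINDOW):
    """Join door-open events with unexpected MACs learned on the switch behind that door."""
    events = sorted((e for e in map(parse_line, lines) if e), key=lambda e: e["ts"])
    last_open = {}  # switch -> most recent door-open event for its area
    alerts = []
    for e in events:
        if e.get("source") == "door" and e.get("event") == "opened":
            sw = door_to_switch.get(e.get("door"))
            if sw:
                last_open[sw] = e
        elif e.get("source") == "switch" and e.get("event") == "mac-learned":
            mac = e.get("mac", "").lower()
            sw, port = e.get("switch"), e.get("port")
            expected = inventory.get(mac)
            if expected == (sw, port):
                continue  # inventoried device on its recorded port
            reason = "unknown-mac" if expected is None else "known-mac-wrong-port"
            door = last_open.get(sw)
            near = door is not None and e["ts"] - door["ts"] <= window
            alerts.append({
                "ts": e["ts"], "switch": sw, "port": port, "mac": mac,
                "reason": reason,
                # Physical access plus a new device is the high-priority case.
                "priority": "high" if near else "medium",
                "door": door["door"] if near else None,
                "badge": door.get("badge") if near else None,
            })
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOG):
        print(alert)
```

An allowlist of MACs alone does not catch a spoofed address on the device's own port, which is why the article pairs this kind of alerting with 802.1X and physical-layer fingerprinting.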
-
The Raspberry Pi wake-up call for CISOs
In mid-December, a ferry owned by the Mediterranean Shipping Company was held for hours in a French port, as Bloomberg reported. The reason: there was a suspicion that Russian cybercriminals had tried to hack the ship’s network with a Raspberry Pi. According to the report, the device was paired with a cellular modem that was meant to enable remote access to the ferry’s internal computer network and external connections.

The good news: the attack attempt was stopped thanks to robust security measures on board. According to the Bloomberg report, the office and operations networks were separated and remote access to the ship’s critical controls was disabled. That prevented the attackers from moving laterally through the network and was decisive in preventing possible sabotage or even hijacking scenarios.

So what is the point of this article? Analysts estimate that half of all companies would have been compromised by an identical attack, because physical security still does not get the necessary attention in many places.

Enterprise controls that come to nothing

CISOs and security decision-makers should take a close look at how well relevant buildings, that is, offices, branch offices or production sites, are actually secured against possible physical attacks. Analysts and security professionals see a great deal of room for improvement here. Sanchit Vir Gogia, chief analyst at Greyhound Research, for example: “Most enterprise security programs are still geared toward the wrong kind of intruder. They are designed for the people who break in, not for those who simply walk in through the front door.”

The story of the nearly hacked ferry is a clear signal that something urgently needs to change, according to the analyst: “A Raspberry Pi with a cellular modem is not just a clever gadget. It also offers the possibility of creating a new perimeter inside your building.” Attackers would no longer have to bother overcoming firewalls or VPNs; instead, they simply bring their own internet connection: “That should keep CISOs awake at night, because it means, conversely, that many established control mechanisms potentially come to nothing because they focus on the wrong areas. If the traffic flows out via cellular, even the best monitoring gateway is of no use.”

Fred Chagnon, principal research director at the Info-Tech Research Group, shares Gogia’s concerns: “Most offices have dozens of active Ethernet ports in lobbies, conference rooms and hallways. These should be administratively disabled at the switch level by default. A port should only be activated when a specific, authorized MAC address has been verified via 802.1X authentication,” the expert recommends.

Modern attackers, Chagnon continues, use MAC spoofing to make a Raspberry Pi look like a legitimate VoIP phone or a printer. He therefore recommends that CISOs invest in tools or advanced NACs that provide fingerprinting at the physical layer: “These tools analyze the electrical and timing characteristics of the hardware to determine whether a printer really is one, or just a Linux-based ‘implant’.”

Chagnon also strongly recommends that security decision-makers make extensive use of tamper-proof port locks: “During security checks, additional cables, unauthorized USB hubs or small unidentifiable boxes that do not match the inventory must under no circumstances be overlooked,” the expert warns.

Found a Raspberry Pi?

Should you identify such devices in the course of your control measures, caution is called for first and foremost. It is advisable to isolate the device and examine it forensically, but you should proceed with care. At least that is the advice of Flavio Villanustre, CISO of the LexisNexis Risk Solutions Group: “Simply disconnecting such devices from the network could lead to the loss of important forensic information.” It is not too hard, he says, to equip the device with a battery or a supercapacitor that ensures the device wipes itself if it is disconnected from the network or otherwise tampered with. In addition, there is a danger that the devices are connected to further devices that could trigger harmful actions, in the extreme case even explosive detonations.

Kaveh Ranjibar, CEO of Whisper Security, has another good tip in store for CISOs with physical security problems: “With the help of an intelligent infrastructure, you can often identify threat actors by where the command-and-control server they use is located. That way, it can often be determined even before touching the hardware whether you are dealing with script kiddies or state-sponsored hackers.”

As Ranjibar notes, devices of this kind can reveal a lot of useful information as soon as they send captured data “home”: “A device like a Raspberry Pi that is used for malicious purposes is not invisible, even with a cellular modem. It has to connect to its base to receive commands or exfiltrate data. This creates an infrastructure footprint: a new IP address, a DNS resolution or a connection to a specific ASN,” the security expert explains. He adds: “CISOs need continuous monitoring of the external infrastructure. You may not be able to catch the person who places the device. But you should make sure you catch the device immediately when it connects to the network.” (fm)

View the full article
-
Microsoft warns MSMQ may fail after update, breaking apps
A warning from Microsoft that a Windows patch issued last week may cause the Message Queuing (MSMQ) function in the operating system to malfunction could be behind multiple reports of internet of things (IoT) applications failing. David Shipley, head of Canadian security awareness training provider Beauceron Security, says he saw a query on a Microsoft learning forum today asking if the MSMQ problem is behind the failure of a firm’s point of sale system to issue sales receipts. Another person posted a query on a different Microsoft forum about a building in an unnamed city being without its fire alarm or smoke detector systems. A link between these posts and the December 16 security update from Microsoft on the MSMQ issue couldn’t be confirmed. But Shipley said it is odd that Microsoft’s initial advice says that a workaround is available, but instead of detailing it, it urges admins to contact Microsoft Support For Businesses. “The scariest words when it comes to a serious bug in Windows you’re trying to fix, that’s crashing your applications, is, ‘Call us,’” he said. MSMQ is a protocol for secure messaging between applications, Shipley noted, so if there is a problem, “it’s going to break stuff.” The Microsoft post says that individuals using Windows Home or Pro editions on personal devices are “very unlikely to experience this issue. This issue primarily affects enterprise or managed IT environments,” including those running clustered MSMQ environments under load. Symptoms include: MSMQ becoming inactive; Internet Information Services (IIS) sites failing with “Insufficient resources to perform operation” errors; applications unable to write to queues; errors such as “The message file ‘C:\Windows\System32\msmq\storage*.mq’ cannot be created” when creating message files; misleading log entries such as “There is insufficient disk space or memory”, despite sufficient disk space and memory being available. 
Affected are servers running Windows Server 2019 and 2016, Windows Server 2012 R2 and Windows Server 2012. Also affected are PCs running Windows 10 version 22H2, Windows 10 version 21H2, Windows 10 version 1809, and Windows 10 version 1607. Support for Windows 10 ended October 14, so the issue should only affect these systems if admins have paid for extended support and received the December update. This issue is caused by a December Patch Tuesday security update (KB5071546) that introduced changes to the MSMQ security model and NTFS permissions on the C:\Windows\System32\MSMQ\ storage folder. MSMQ users now require write access to this folder, which is normally restricted to administrators, says Microsoft. As a result, attempts to send messages via MSMQ APIs might fail with resource errors. “A workaround is available for affected devices,” says the Microsoft update. “To apply the workaround and mitigate this issue in your organization, please contact Microsoft Support for business. We are investigating this issue and will provide more information when it is available.” Jack Bicer, director of vulnerability research at Action1, suggested as a temporary workaround for MSMQ failures that Windows admins grant write access to the MSMQ directory C:\Windows\System32\msmq. Once Microsoft provides the official update, revert the directory permissions to their original state and deploy the fix, he said. Danny Nguyen of Wicloud suggested on a Microsoft Learn forum that admins could either roll back the December security update (KB5071546) or adjust the permissions, as Bicer suggests. However, Nguyen urged admins to consult with their security team before making system-level permission changes. A Microsoft spokesperson was asked for comment, but no response was received by press time. This isn’t the first MSMQ problem in recent memory; last year Microsoft discovered a remote code execution vulnerability (CVE-2024-30008) that carried a criticality rating of 9.8. 
In this case, however, said Robert Beggs, head of Canadian incident response firm DigitalDefence, although the cause of the issue is a security patch, the impact and workaround are not strictly security issues. Therefore, he believes the fix is a workaround that does not involve security and security support, but regular support for a Windows system. As for the company’s reason for asking admins to contact Microsoft Support for Business for the workaround, he suggested that Microsoft may want to spread the workload to ensure that security support is not overworked. More broadly, warned Shipley, any update that leads to a business application failure is the kind of issue that turns admins off patching. December is the biggest month of the year for retail, and not the time for POS machines to go down because of the installation of a new patch. This article originally appeared on Computerworld.
-
Japan App Store Gets Alternative Marketplaces, Third-Party Payments and More
Apple today introduced several changes to the App Store in Japan to meet the requirements of the Mobile Software Competition Act (MSCA) that goes into effect on December 18. The MSCA is similar to Europe's Digital Markets Act (DMA) so the Japanese App Store will work a lot like the EU App Store, but there are some differences. Here's a quick rundown of what's changing as of today: Side Button - Users in Japan will be able to change what the side button does, and it will be able to activate third-party voice assistants instead of Siri. Payment options - Developers can offer in-app purchases, accept third-party payments in their apps, or direct users to a website to make a purchase. Alternative app marketplaces - Apps can be distributed through alternative app marketplaces instead of the App Store. Users can set an alternative app marketplace as their default marketplace instead of the App Store. Fee changes - New fees range from 5% to 26% depending on distribution method and payment method. Browser choice - Users are prompted to select a default browser at setup. Search engine choice - Users are prompted to choose a default Search engine at setup. Navigation apps - Users in Japan can select a different navigation app. Alternative Payment Options There is a notable difference between how alternative payment options are implemented in Japan and how they are implemented in the EU. Developers in Japan are required to display third-party digital purchase options alongside in-app purchase options, so customers can choose to use in-app purchase if desired. Purchase screens can link to a website or use a third-party payment service for end-to-end checkout directly in an app, but those two alternative payment options must be displayed right alongside an in-app purchase option. Developers are required to make the in-app purchase button at least as prominent as other payment options that are displayed. 
Japanese developers are able to offer different price points, so a direct payment link can be cheaper than the accompanying in-app purchase option. When a user chooses an alternative payment option or taps a link to a website to make a purchase, an in-app sheet will let them know they are no longer transacting with Apple. It informs users that refund requests and other Apple-provided services will not be available. Alternative App Marketplaces App developers in Japan can offer their apps through the App Store or through any alternative app marketplace. Apps and app marketplaces are subject to Apple's Notarization process, and there is no option to distribute apps through a website like there is in the EU. Any developer is able to build an app marketplace. As in the EU, alternative app marketplaces will be checked for basic functionality, malware, and security threats for user protection purposes, but Apple does not have content oversight. App marketplaces can establish their own content rules if desired, and must handle fraud prevention, customer support, and refunds. Apple says that app marketplaces will need to be authorized and will have to meet ongoing requirements to serve developers and users. App developers in Japan can select an App Store or alternative app marketplace when using App Store Connect, and can distribute apps through one marketplace or many. Users are able to set a default app marketplace that replaces the App Store as the primary app option. Fees in Japan Apple has established a new fee structure in Japan, and fees are based on distribution and payment method. Apple says that fees will be the same or lower for 100% of developers in Japan. Participants in the Small Business Program, Video Partner Program, and Mini Apps Partner Program will pay the reduced rate below. Subscriptions in apps maintained after the first year are also subjected to the lower fee. 
The Small Business Program includes developers that earn less than 1 million USD annually. Developers that earn more than that have to pay Apple's full commission rates. App Store w/ In-App Purchase - Varies from 15% to 26%. 21% base fee, 5% payment processing fee. Base fee is 10% for program participants, and 5% fee remains the same. App Store w/ Alt Purchase - Varies from 10% to 21%. 21% base fee, no payment processing fee. 10% for program participants. App Store w/ Web Link - Varies from 10% to 15%. 15% Store Services Fee, 10% for program participants. Alternative Marketplace - 5% Core Technology Commission. To explain it another way, all apps on the App Store will pay a 10% or 21% App Store commission. For purchases made using in-app purchase through the App Store, Apple will collect an additional 5%. Purchases made in an app through an alternate payment method will not incur the 5% fee, but developers will need to pay the fee from whatever payment processing service they're using. Web link fees are lower. Apple will collect 15% from standard users, or 10% from program participants. There is no payment processing fee, but developers will need to pay the fee of the third-party payment processing service. Non-App Store distribution has the lowest fee, at 5%. The Core Technology Commission applies to the sale of digital goods and services, including paid apps in alternative app marketplaces. Side Button Changes Users in Japan can change the function of the Side Button, assigning a voice-based conversational app. There are criteria that apps need to meet to be eligible to operate with the Side Button, and Apple has created an API to allow developers of voice-based conversational apps to request Side Button access. Apps that offer a conversational experience as their primary purpose are eligible to be used with the Side Button. That includes chatbot apps like ChatGPT, Claude, or Gemini. 
The Side Button will be able to activate the voice chat mode in an eligible third-party app, and it will function much like the Action Button does now when launching an app using a Shortcut. Child Protections All apps need to provide an install sheet with a clear age rating, regardless of whether an app is distributed through the App Store or an app marketplace. Apps in the Kids category will not be able to include links to websites to complete transactions at all. Apps outside of the kids category cannot link to websites for transactions for users under 13 years old. Developers are able to include a link to a website for transactions in their app, with that link only displayed to users that are over the age of 13 to meet the MSCA's requirements. For all users under the age of 18, all App Store apps that use alternative payment processing or link to a website for transactions must include a parental gate that requires younger users to involve their parent before making a purchase. Apple plans to release APIs in the future to better support the new requirements. Browser and Search Engine Choice During the device setup process, iPhone users in Japan are presented with browser and search engine selection screens with options displayed in a randomized order. Safari and Google Search will no longer be the automatic default in Japan. Developers in Japan can choose alternative web browser engines other than WebKit, as long as those browser engines meet Apple's privacy requirements. Users can change their defaults in the Defaults section of the Settings app. Interoperability Like in the EU, Japan's MSCA requires Apple to accept interoperability requests. Developers can ask Apple to add new features that will allow them expanded access to hardware and software features. There is also a baseline interoperability requirement. 
Apple has more control over interoperability in Japan than it does in the EU, and it is able to consider security and privacy risks when deciding whether to implement an interoperability feature. Interoperability requirements in the EU have led to delayed features like Live Translation, or have prevented Apple from implementing features like Screen Mirroring. Apple does not anticipate that interoperability requirements will lead to delayed features in Japan because Japan's law includes exceptions for privacy and security. Navigation iPhone users in Japan can select a different app as the default navigation app. MSCA vs. DMA Apple worked with Japanese regulators on the MSCA, and sees it as a better solution than the DMA in Europe. Changes mandated by the MSCA expose users to some risk by allowing non-App Store app installations, but it maintains protections for children. Though the MSCA allows for alternative app distribution, it does not include a provision for downloading apps directly from websites, so Apple is able to maintain some level of security by overseeing app marketplaces. Apple is able to require apps to offer both in-app purchase and alternative payment methods, allowing users in Japan to decide their preference. The MSCA also allows Apple to deny interoperability requests that would expose users to privacy and security risks, while the DMA does not. Fee structures and features provided by Apple are not as complicated in Japan as they are in the European Union. Japan's fees are similar to the Store Services Tier 2 fee in the EU (applicable to all apps starting on January 1, 2026), which includes all App Store functionality for a 15 to 20% total fee. Japan does not have the Store Services Tier 1 option, which cuts down on App Store functionality that Apple delivers but also lowers fees to 10% to 12%. 
Availability Apple is implementing the App Store and iOS changes starting today, with the functionality built into the iOS 26.2 update that came out on December 12. Developers with iOS apps in Japan can start shipping the new features immediately, with more detailed information available on Apple's developer site. The changes are only applicable to iOS apps distributed in Japan. This article, "Japan App Store Gets Alternative Marketplaces, Third-Party Payments and More" first appeared on MacRumors.com
-
‘Ink Dragon’ threat group targets IIS servers to build stealthy global network
A Chinese-linked threat group identified as “Ink Dragon” is targeting common weaknesses in Internet Information Services (IIS) servers to build a global espionage network that is difficult to track or disrupt, security vendor Check Point has reported. Also nicknamed “Earth Alux” (Trend Micro) and “REF7707” (Elastic Security Labs), the group has been active since early 2023, when it targeted governments in Southeast Asia and South America. This has since expanded to target European countries. Ink Dragon might sound similar in its modus operandi to several other Chinese threat groups engaged in nation-state surveillance, such as UNC6384, whose campaigns targeted European diplomats. However, during a recent investigation at the office of a European government, Check Point said it had discovered that the group has now pivoted towards what it called “an unusually sophisticated playbook” with longer term goals. Key to this is IIS, Microsoft’s aging web server platform, which is still present in many networks, especially those in the public sector. This platform holds two attractions: it is widely deployed, and is often misconfigured and insecure. The campaign begins when attackers compromise an IIS server and gain access to the internal network, where they harvest local credentials and study admin sessions, then use these and Microsoft Remote Desktop to move laterally without attracting attention. At this point, the group installs a customized IIS module that turns the server into an invisible “quiet” relay inside the group’s wider global infrastructure. “These servers forward commands and data between different victims, creating a communication mesh that hides the true origin of the attack traffic,” explain Check Point’s researchers.
Shadow infrastructure The attack has two goals: first, to compromise government servers and plunder their networks for intelligence and, second, to borrow them to relay attack traffic to and from other compromised servers in a way that makes detecting the group’s command & control (C2) much harder. This tactic cleverly dodges the problem of having to rely on conventional C2 infrastructure, which is vulnerable to takedown and disruption. Instead, the hijacked and trusted government servers become the infrastructure. “Across incidents, the same story repeats. A small web facing issue becomes the first step. A series of quiet pivots leads to domain level control. The environment is then repurposed as part of a larger network that powers operations against additional targets,” said Check Point. As to the traffic itself, the group hides communication inside ordinary mailbox drafts, making it look like everyday communication. Coincidentally, Check Point found that a second Chinese threat group, RudePanda, was simultaneously exploiting IIS weaknesses to compromise government servers. This meant that RudePanda “ended up operating in the same [compromised] environments at the same time.” The discoveries underscore the issue of IIS misconfiguration. Beyond listing the group’s indicators of compromise (IoCs), Check Point offers no specific advice on how to counter this. Nevertheless, some actions suggest themselves: audit the modules running on IIS against a known good baseline, enable advanced IIS logging, configure IIS to make common view state vulnerabilities less likely, and consider putting IIS servers behind a web application firewall (WAF).
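One way to carry out the first of the actions suggested above, auditing IIS modules against a known-good baseline, is shown here as an added example that is not from the article or from Check Point. The baseline entries, the sample applicationHost.config fragment and the function names are constructed for illustration; the modules whose names start with "Example" are placeholders, not indicators from the report.

```python
"""Compare IIS modules in applicationHost.config with a known-good baseline.

Added example: baseline, sample config and function names are constructed.
Site-level web.config files can also add modules and need the same check.
"""
import ntpath
import xml.etree.ElementTree as ET

# Assumed baseline of native modules: name -> image path. In practice,
# export this from a freshly built reference server of the same role.
BASELINE_NATIVE = {
    "httploggingmodule": r"%windir%\System32\inetsrv\loghttp.dll",
    "staticfilemodule": r"%windir%\System32\inetsrv\static.dll",
    "requestfilteringmodule": r"%windir%\System32\inetsrv\modrqflt.dll",
}
# Assumed baseline of managed modules: name -> .NET type name.
BASELINE_MANAGED = {
    "formsauthentication": "System.Web.Security.FormsAuthenticationModule",
}

# Constructed sample: one relocated image, one unknown native module,
# one unknown managed module, and a baseline module that has been removed.
SAMPLE_CONFIG = r"""<configuration>
  <system.webServer>
    <globalModules>
      <add name="HttpLoggingModule" image="%windir%\System32\inetsrv\loghttp.dll" />
      <add name="StaticFileModule" image="C:\ProgramData\example\static.dll" />
      <add name="ExampleUnknownModule" image="%windir%\System32\inetsrv\example_unknown.dll" />
    </globalModules>
  </system.webServer>
  <location path="" overrideMode="Allow">
    <system.webServer>
      <modules>
        <add name="HttpLoggingModule" lockItem="true" />
        <add name="StaticFileModule" lockItem="true" />
        <add name="ExampleUnknownModule" />
        <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="managedHandler" />
        <add name="ExampleManagedModule" type="Example.Web.Module, Example.Web" />
      </modules>
    </system.webServer>
  </location>
</configuration>"""


def _norm(path):
    """Normalise a Windows path for comparison (separators, case)."""
    return ntpath.normpath(path.strip().strip('"')).lower()


def parse_modules(config_xml):
    """Return (native, enabled): registered native images and enabled modules."""
    root = ET.fromstring(config_xml)
    native, enabled = {}, {}
    for section in root.iter("globalModules"):
        for add in section.findall("add"):
            native[add.get("name", "").lower()] = _norm(add.get("image", ""))
    for section in root.iter("modules"):
        for add in section.findall("add"):
            # 'type' is present only for managed (.NET) modules.
            enabled[add.get("name", "").lower()] = add.get("type")
    return native, enabled


def audit(config_xml, baseline_native=BASELINE_NATIVE,
          baseline_managed=BASELINE_MANAGED):
    """Return a list of (finding, module name, observed value) tuples."""
    native, enabled = parse_modules(config_xml)
    findings = []
    for name, image in sorted(native.items()):
        expected = baseline_native.get(name)
        if expected is None:
            findings.append(("UNKNOWN_NATIVE", name, image))
        elif image != _norm(expected):
            findings.append(("IMAGE_MISMATCH", name, image))
    for name, mtype in sorted(enabled.items()):
        if mtype is None:
            continue  # native module, already checked through globalModules
        expected = baseline_managed.get(name)
        if expected is None:
            findings.append(("UNKNOWN_MANAGED", name, mtype))
        elif mtype.split(",")[0].strip() != expected:
            findings.append(("TYPE_MISMATCH", name, mtype))
    # A baseline module that disappeared (for example logging) is also a finding.
    for name in sorted(set(baseline_native) - set(native)):
        findings.append(("BASELINE_MISSING", name, _norm(baseline_native[name])))
    return findings


if __name__ == "__main__":
    for kind, name, value in audit(SAMPLE_CONFIG):
        print(f"{kind:17} {name:24} {value}")
```

A finding is a prompt to check the file's signature, hash and install history on the server, not proof of compromise on its own.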
-
ChatGPT's Apple Music Integration Is Now Live
There's now a dedicated Apple Music app for ChatGPT, which allows ChatGPT to make music recommendations and build playlists based on your Apple Music listening history. Apple Music can be added to ChatGPT through the Settings section in the Mac app, website, or iOS app. Apple Music is listed under the apps option, and connecting to it requires signing in with your Apple Account for authorization purposes. ChatGPT can be used to search through the Apple Music catalog for songs, artists, albums, and playlists, even without an Apple Music subscription. OpenAI says that all users are able to discover music, generate playlists, and listen to preview clips in ChatGPT. Apple Music subscribers can add songs, albums, and playlists to their Apple Music Library using ChatGPT. When Apple Music is added to ChatGPT, it can be selected by tapping on the "+" button. Playlists and suggestions generated by ChatGPT can be opened directly in Apple Music. ChatGPT's Apple Music feature was first shared yesterday, but the functionality wasn't live. The app is now available to add to ChatGPT. This article, "ChatGPT's Apple Music Integration Is Now Live" first appeared on MacRumors.com
-
Apple Releases First macOS Tahoe 26.3 Public Beta
Apple today provided public beta testers with the first release of an upcoming macOS Tahoe 26.3 update for testing purposes. The public beta comes two days after Apple provided the beta to developers. After signing up for beta testing on Apple's beta site, public beta testers can download the updates using the Software Update section in the System Settings app. We don't know about any new features in macOS Tahoe 26.3 as of yet, but Apple might introduce new capabilities in later beta releases. The beta is limited to developers and public beta testers at the current time, but we are expecting Apple to release the update at the end of January. This article, "Apple Releases First macOS Tahoe 26.3 Public Beta" first appeared on MacRumors.com
-
Apple Releases First iOS 26.3 and iPadOS 26.3 Public Betas
Apple today provided beta testers with the first releases of upcoming iOS 26.2, iPadOS 26.2, tvOS 26.2, and watchOS 26.2 updates for testing purposes. The public betas come a couple of days after Apple provided the betas to developers. Anyone can download and install public betas, and all that's required is to sign up on Apple's beta site. Once you've opted in, the software can be downloaded through the Software Update section in the Settings app on each device. iOS 26.3 introduces a simpler way for iPhone users to transfer their data to an Android device when switching platforms, plus it includes a Notification Forwarding feature for third-party wearables in the European Union. It will allow notifications to be forwarded from the iPhone to a third-party device. No new features have been found in the other beta updates as of yet. We're expecting iOS 26.3, iPadOS 26.3, and the other software to come out somewhere around the end of January. This article, "Apple Releases First iOS 26.3 and iPadOS 26.3 Public Betas" first appeared on MacRumors.com
-
Samsung Expands Holiday Sale With Major Discounts on Popular Monitors and TVs
Samsung kicked off a holiday sale last week, and this event has expanded recently with even more great deals on monitors, TVs, Galaxy smartphones, and home appliances. Many of these deals are the exact same all-time low prices we tracked during Black Friday and Cyber Monday. Note: MacRumors is an affiliate partner with Samsung. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. Regarding TVs, there are quite a few models of The Frame TV on sale, including a new all-time low price on The Frame Pro models. You can get the 2025 65-inch The Frame TV for $1,199.99 ($600 off), as well as The Frame Pro for $1,999.00 ($1,200 off). This is also a good time to purchase a Samsung monitor, with hundreds of monitor deals available during the event. One of the best markdowns is on the 57-inch Odyssey Neo G9 Curved Gaming Monitor, available for $1,499.99, down from $2,299.99. If you're looking to add a second monitor to your workstation, you'll also find a few smaller options, like the 32-inch ViewFinity S7 for $299.99, down from $459.99. For even more potential savings, eligible shoppers have the chance to get additional discounts through Samsung offer programs. These programs provide extra discounts for students, military, and employees of select businesses, and they provide up to 30 percent extra savings on Samsung's website, so be sure to check whether you're eligible for any of these programs.
Monitors 27-inch Odyssey G3 Monitor - $139.99, down from $229.99 32-inch ViewFinity S70A UHD Monitor - $299.99, down from $459.99 34-inch ViewFinity S6 Monitor - $399.99, down from $799.99 43-inch Odyssey Neo G7 Smart Gaming Monitor - $549.99, down from $999.99 27-inch Odyssey OLED G6 Gaming Monitor - $599.99, down from $899.99 49-inch Odyssey G9 Gaming Monitor - $777.99, down from $1,299.99 49-inch Odyssey OLED G9 Monitor - $899.99, down from $1,799.99 55-inch Odyssey Ark 2nd Gen - $1,299.99, down from $2,699.99 57-inch Odyssey Neo G9 Curved Gaming Monitor - $1,499.99, down from $2,299.99 TVs 55-inch QLED QEF1 Smart TV - $379.99, down from $599.99 55-inch QLED Q7F Smart TV - $399.99, down from $529.99 55-inch QLED Q8F Smart TV - $599.99, down from $749.99 75-inch Vision AI Smart TV - $679.99, down from $1,199.99 50-inch The Frame - $799.99, down from $1,099.99 75-inch Neo QLED QN70F Smart TV - $1,199.99, down from $1,599.99 65-inch The Frame - $1,199.99, down from $1,799.99 (extra $100 off available through offer programs) 55-inch OLED S95F Smart TV - $1,899.99, down from $2,299.99 75-inch The Frame Pro - $1,999.99, down from $3,199.99 85-inch The Frame Pro - $3,299.99, down from $4,299.99 (extra $660 off available through offer programs) 85-inch Neo QLED QN90F Smart TV - $2,299.99, down from $4,499.99 Appliances Bespoke Smart Dishwasher - $899.99, down from $1,299.00 Large Capacity Side-by-Side Fridge - $999.00, down from $1,666.00 4-Door French Door Fridge - $1,799.00, down from $2,999.00 Bespoke All-in-One Combo Washer/Dryer - $2,099.00, down from $3,299.00 Mega Capacity 3-Door French Door Fridge - $2,499.00, down from $3,499.00 Bespoke 4-Door Flex Fridge - $2,050.00, down from $4,099.00 Bespoke 4-Door Flex Fridge - $3,399.99, down from $4,999.00 Galaxy Products Galaxy XR - Save up to $1,140 with the Explorer Pack Galaxy S25 Ultra - Save up to $700 in instant trade-in credit Galaxy Ring - Get up to $150 trade-in credit Galaxy Watch Ultra - Save up to $250 
Galaxy Watch 8 - Save up to $200 If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week. This article, "Samsung Expands Holiday Sale With Major Discounts on Popular Monitors and TVs" first appeared on MacRumors.com
-
Apple Tested a MacBook With the A15 Chip
An internal Apple kernel debug kit suggests Apple has tested a MacBook with the A15 chip, alongside a separate A18 Pro-based MacBook that appears to be closer to a shippable product. The information comes from internal kernel debug kit files used by Apple engineers. The kit was accidentally released on Apple's website earlier this year, but it was quickly pulled after information started leaking out of it. Within the Mac-related entries, there is a line that explicitly describes an unreleased MacBook configuration running an A15 chip. The row appears under a project label "mac14p" on a platform labeled H14P. MacRumors believes this A15 MacBook corresponds to the codename J267. In the same dataset, there is also a separate MacBook entry tied to the A18 Pro. It has the identifier J700 and is described as using an A18 Pro chip with a "Sunrise" wireless subsystem attributed to MediaTek. Compared with the A15 test configuration, the A18 Pro MacBook entry reads more like a defined product configuration, since it is identified with a specific internal codename and accompanying subsystem details. It is also highly unlikely that Apple would release a Mac powered by the A15 Bionic in 2026, almost five years after the chip was introduced. A MacBook with the A18 Pro chip would be markedly more capable, future-proof, and in-step with the company's current selection of chips. The A15 MacBook was almost certainly used as an unreleased test platform ahead of widely reported plans to release a low-cost MacBook with an iPhone chip. The original Apple silicon Mac mini Developer Transition Kit featured an A12Z chip, but all Apple silicon Macs available to consumers have featured M-series chips. Rumors suggest the low-cost MacBook will launch next year, featuring the A18 Pro chip, a 13-inch display, and silver, blue, pink, and yellow color options. 
This article, "Apple Tested a MacBook With the A15 Chip" first appeared on MacRumors.com
-
Amazon Brings Back All-Time Low Prices on M4 MacBook Air With Christmas Delivery
You can get the 13-inch M4 MacBook Air (256GB) for $749.00 today on Amazon, down from $999.00, with guaranteed Christmas delivery for select colors. This price matches the Amazon all-time low price on the M4 MacBook Air, and there are similar lows on other models with higher storage. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. If you're looking for the larger model, you can get the 15-inch 256GB computer for $949.00, down from $1,199.00. You'll also find many of the 512GB models of the 13-inch and 15-inch M4 MacBook Air on sale this week. If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week. This article, "Amazon Brings Back All-Time Low Prices on M4 MacBook Air With Christmas Delivery" first appeared on MacRumors.com