postmortem

Post Mortem - NameCheap Feb 2023

On Sunday, Feb 12th, I received a suspcious message about a DHL delivery from hello@namecheap.com. Pretty odd, but I ignored. Later I received notification from NameCheap that there had been a compromise. As of 18:18UTC on 2/13 it’s still being investigated. Below are the emails headers of my message, which appears to be an authenticated message from Sendgrid. I would venture to guess that an API key was leaked. Certainly highlights the need to protect third-party access to such systems.

Plan

Planning for a DevOps Cycle Architecture Platform Engineering: Home for Platform Engineers. Includes a comprehensive tech library of stacks/solutions. Backstage: Open source developer portal Krato: Potentially lighter-weight solution to Backstage, but also seems heavily tied into ArgoCD and Crossplane Keeping Code Simple Questions for a new technology Redhat Demo Central - Architectures for a wide range of cloud infrastructures and problems. Who Cares If It Scales - Avoiding pre-mature optimization.
Steve Miller BY-NC 4.0 | Rendered by Hugo | Subscribe