Security on Minoko Labshttps://minoko.life/tags/security/Recent content in Security on Minoko LabsHugo -- 0.154.0en-usFri, 09 Jan 2026 10:00:00 +0000Fixing CVE-2025-12183 in Gradle When the Dependency Changed Ownershiphttps://minoko.life/posts/gradle-capability-resolution-cve-fix/Fri, 09 Jan 2026 10:00:00 +0000https://minoko.life/posts/gradle-capability-resolution-cve-fix/Using Gradle capability resolution to fix a CVE when the vulnerable library was forked to a new Maven coordinate and direct upgrade is not possible.Adding NetworkPolicies for Defense-in-Depth with Linkerdhttps://minoko.life/posts/networkpolicy-defense-in-depth/Sat, 03 Jan 2026 23:49:47 +0000https://minoko.life/posts/networkpolicy-defense-in-depth/Implementing Kubernetes NetworkPolicies alongside Linkerd mTLS to restrict pod-to-pod communication in critical namespaces.OPNsense IDS Monitoring with Suricata, Loki, and Grafanahttps://minoko.life/posts/opnsense-ids-monitoring-with-loki/Thu, 01 Jan 2026 23:30:00 +0000https://minoko.life/posts/opnsense-ids-monitoring-with-loki/Forward OPNsense Suricata IDS alerts to Loki via syslog and visualize intrusion detection events in Grafana alongside firewall logs.Automatic Certificate Rotation with cert-manager and Linkerdhttps://minoko.life/posts/cert-manager-linkerd-rotation/Thu, 01 Jan 2026 12:00:00 +0000https://minoko.life/posts/cert-manager-linkerd-rotation/Automate Linkerd identity issuer certificate rotation using cert-manager, with a CronJob to sync secret formats and Prometheus alerts for expiry warnings.Preventing Your Dual-Homed Linux Box from Bridging Networkshttps://minoko.life/posts/dual-homed-network-isolation-article/Tue, 30 Dec 2025 10:00:00 +0000https://minoko.life/posts/dual-homed-network-isolation-article/Prevent a dual-homed Linux workstation from bridging networks using firewalld zones and FORWARD rules, with exceptions for Kubernetes pod networking.