Excited to disclose my research allowing RCE in Kubernetes
It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and and allows for trivial Pod breakout.
Unfortunately, this will NOT be patched.
@CarterCruise hey, you still DJ'ing? Was listening to twitch's new DJ streams and went looking for your old Cruise Control vols 1 & 2, but can't find them online anywhere :(
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
Some dork on Telegram is selling vx-underground samples for $300. He even takes a screenshot of our website, proclaiming it to be his (???), and says he got the malware from a seizure (???)
👏DON'T 👏PAY 👏FOR 👏 MALWARE 👏
NEW: This is the device that confused and concerned attendees at @defcon by triggering pop ups on their iPhones.
The researcher who created it explained how it works, and what are the risks iPhone users face when these spoofed messages pop up.
https://t.co/J19L9p0DeR
Talk 3️⃣: "Demystifying macOS's Background Task Management"
BTM seeks to centralize (& govern) persistent tasks. This talk dove into internals, demo'd new tools to detect persistent malware, & used 0days to bypass both BTM's alerts & ES messages.
Slides: https://t.co/jdbXPmh8sW
Talk 2️⃣: "Mac-ing Sense of the 3CX Supply Chain Attack: Analysis of the macOS Payloads"
News of attack broke w/ the statement: "we cannot confirm the Mac installer is trojanized" This talk confirmed it was, detailed impact, & methods of detection
Slides: https://t.co/EYsa9wcpcK
Talk 1️⃣: "Nothing but Net: Leveraging macOS's Networking Frameworks to Detect Malware"
Most malware (ab)uses the network thus detecting unauthorized access is a must! But there is (was) scant info on building network monitoring tools for macOS
Slides: https://t.co/76bzsWqpAv
It's common knowledge that the best source for Windows native API definitions is the collection of System Informer (formerly Process Hacker) phnt headers. Surprisingly, there were no online docs for them, so I created a simple website:
https://t.co/WHU55QVZQl
Veilid is ready for you!
Instructions for apt/yum install are live on https://t.co/AQMJKe9Zwj
The Python library is Veilid on Pypi
The Gitlab will be open within the hour.