Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/112896747922180172">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 03-Aug-2024 15:48:16 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/112896621707619728" rel="in-reply-to">in reply to</a></div></section><article><p>360 takes a look at the Crowdstrike kernel drivers - finds they implement an eBPF like system, contain a wide attack surface, don’t check validity of update files (eg no signing of updates) and claim they contain conditions for LPE and RCE vulnerabilities. <a href="https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ" rel="nofollow noreferrer">https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3423990#notice-6817855">In conversation</a><time datetime="2024-08-03T15:48:16+09:00" title="Saturday, 03-Aug-2024 15:48:16 JST">about 10 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/112896747922180172" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/112896747922180172">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ">https://mp.weixin.qq.com/mp/wappoc_appmsgcaptcha?poc_token=HLLSrWajuA2SPtdYvjdXWf3LLSJuwuaSCpjIeMmK&amp;target_url=https%3A%2F%2Fmp.weixin.qq.com%2Fs%2FuD7mhzyRSX1dTW-TMg4UhQ</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 03-Aug-2024 15:48:16 JST Kevin Beaumont
in reply to
360 takes a look at the Crowdstrike kernel drivers - finds they implement an eBPF like system, contain a wide attack surface, don’t check validity of update files (eg no signing of updates) and claim they contain conditions for LPE and RCE vulnerabilities. https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ
In conversation10 months ago from cyberplace.socialpermalink
Attachments
1. No result found on File_thumbnail lookup.
  https://mp.weixin.qq.com/mp/wappoc_appmsgcaptcha?poc_token=HLLSrWajuA2SPtdYvjdXWf3LLSJuwuaSCpjIeMmK&target_url=https%3A%2F%2Fmp.weixin.qq.com%2Fs%2FuD7mhzyRSX1dTW-TMg4UhQ

Public

Embed Notice

HTML Code

Corresponding Notice