Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.place/objects/63d999ea-3ae5-4e94-ac0a-fbd717075d77">buherator (buherator@infosec.place)'s status on Thursday, 13-Feb-2025 04:30:17 JST</a><a href="https://infosec.place/users/buherator" title="buherator@infosec.place"><img src="https://gnusocial.jp/avatar/105742-48-20230309202713.webp" width="48" height="48" alt="buherator" style="position: absolute; left: 0; top: 0;">buherator</a><div><ul><li></ul></div></section><article>OK I think this (via <a href="https://infosec.exchange/@cR0w">@cR0w</a>) deserves some more attention ( <a href="https://infosec.place/tag/crowdstrike" rel="tag">#CrowdStrike</a> CVE-2025-1146):<br><br><a href="https://www.crowdstrike.com/security-advisories/cve-2025-1146/">https://www.crowdstrike.com/security-advisories/cve-2025-1146/</a> <br><br>In short, Crowd Strike agents on Linux can be MitM'd when they connect to their mothership (CS cloud). <br><br>My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?<br><br>I present my second Q as a meme for higher reach:</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4554375#notice-8916128">In conversation</a><time datetime="2025-02-13T04:30:17+09:00" title="Thursday, 13-Feb-2025 04:30:17 JST">about 18 days ago</time> <span>from <span><a href="https://infosec.place/objects/63d999ea-3ae5-4e94-ac0a-fbd717075d77" rel="external" title="Sent from infosec.place via ActivityPub">infosec.place</a></span></span><a href="https://infosec.place/objects/63d999ea-3ae5-4e94-ac0a-fbd717075d77">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4126287">Anakin-Padme meme: 
A: Our traffic can be MitM'd
P: But executable updates are signed, right?
A: ...
P: ...</a></label><br><a href="https://media.infosec.place/infosec-place/57b8275762f6d9e3ab442a0c84b3d8d083729f348d1209075e8c131aeae9a341.jpeg" rel="external">https://media.infosec.place/infosec-place/57b8275762f6d9e3ab442a0c84b3d8d083729f348d1209075e8c131aeae9a341.jpeg</a></li><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://www.crowdstrike.com/security-advisories/cve-2025-1146/">CVE 2025-1146 - crowdstrike.com</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
buherator (buherator@infosec.place)'s status on Thursday, 13-Feb-2025 04:30:17 JSTbuherator
- cR0w :cascadia:
OK I think this (via @cR0w) deserves some more attention ( #CrowdStrike CVE-2025-1146):

https://www.crowdstrike.com/security-advisories/cve-2025-1146/

In short, Crowd Strike agents on Linux can be MitM'd when they connect to their mothership (CS cloud).

My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?

I present my second Q as a meme for higher reach:
In conversationabout 18 days ago from infosec.placepermalink
Attachments
1. Anakin-Padme meme: A: Our traffic can be MitM'd P: But executable updates are signed, right? A: ... P: ...
  https://media.infosec.place/infosec-place/57b8275762f6d9e3ab442a0c84b3d8d083729f348d1209075e8c131aeae9a341.jpeg
2. No result found on File_thumbnail lookup.
  CVE 2025-1146 - crowdstrike.com

Public

Embed Notice

HTML Code

Corresponding Notice