Damus
BeyondMachines :verified: profile picture
BeyondMachines :verified:
@BeyondMachines :verified:

Enabling Good Cybersecurity for Everyone:
Automated cybersecurity tools, learning and expert guidance for individuals and companies of all sizes.
Because cybersecurity shouldn't be an enterprise feature.

Sometimes a bot, sometimes not.

Relays (1)
  • wss://relay.ditto.pub โ€“ read & write

Recent Notes

BeyondMachines :verified: profile picture
CISA Warns of Active Exploitation of Linux Container Escape Flaw

CISA has added a Linux kernel container escape vulnerability (CVE-2022-0492) to its list of known exploited flaws. This flaw allow attackers to bypass security isolations and gain root-level privileges on host systems.

**Update your Linux kernel to a patched version that restricts release_agent writes, and where possible move to cgroups v2 which removes the vulnerable feature entirely. As an extra layer, enable security profiles like AppArmor, SELinux, or Seccomp, and don't run containers with the --privileged flag or unnecessary admin capabilities.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-warns-of-active-exploitation-of-linux-container-escape-flaw-e-f-a-4-k/gD2P6Ple2L
Peter Kisner โ‰ˆ · 5w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqe083cv84vrm8m7gk8rk8l620whhzxuaqc4d8ca65ewsc2sy29k5qpar4pw No need for apology. It's an apt description.
Verena Rupp · 5w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqe083cv84vrm8m7gk8rk8l620whhzxuaqc4d8ca65ewsc2sy29k5qpar4pw Good luck re-hiring those people - or hiring any people at all. They now know exactly what they are worth to you.
FightScore · 5w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqe083cv84vrm8m7gk8rk8l620whhzxuaqc4d8ca65ewsc2sy29k5qpar4pw To be fair, AI has its use, right? Maybe the business model just got to be better, maybe token count might need tweaking -- maybe put weight to something like output value, rather than i...
Peter Kisner โ‰ˆ · 5w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqe083cv84vrm8m7gk8rk8l620whhzxuaqc4d8ca65ewsc2sy29k5qpar4pw Maybe my brain is just focused on body horror today, but I think I'm going to have this unintended phrase in the back of my mind every time LLMs come up. #LLMs #AI https://cdn.masto.h...
BeyondMachines :verified: profile picture
CISA Contractor Leaks AWS GovCloud Keys and Internal Credentials on GitHub

A CISA contractor placed administrative AWS GovCloud keys and internal system credentials on a public GitHub repository for months by disabling automated security blocks. The exposure included plaintext passwords for critical DevSecOps environments and internal code repositories, creating a significant supply chain risk.

****
#cybersecurity #infosec #incident #dataleak
https://beyondmachines.net/event_details/cisa-contractor-leaks-aws-govcloud-keys-and-internal-credentials-on-github-2-1-7-l-b/gD2P6Ple2L