#auth

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.

## Description Sliver version 1.6.0 (prerelease) is vulnerable to RCE on the teamserver by a low-privileged "operator" user. The RCE is as the system root user. ## Impact As described in a [past issue](https://github.com/BishopFox/sliver/issues/65), "there is a clear security boundary between the operator and server, an operator should not inherently be able to run commands or code on the server." An operator who exploited this vulnerability would be able to view all console logs, kick all other operators, view and modify files stored on the server, and ultimately delete the server. ## Reproduction First configure the Sliver server [in multiplayer mode and add an operator profile](https://sliver.sh/docs?name=Multi-player+Mode). Next, compile a slightly older version of the Sliver client. The commit after 5016fb8d updates the Cobra command-line parsing library in the Sliver client to strictly validate command flags. ``` git checkout 5016fb8d VERSION=1.6.0 make client ``` The late...

The vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.

Telecommunications provider AT&T disclosed earlier this month that adversaries stole a cache of data that contained the phone numbers and call records of “nearly all” of its customers.

Three newly discovered SMTP smuggling attack techniques can exploit misconfigurations and design decisions made by at least 50 email-hosting providers.

An official stamp of approval might give the impression that a purported "HotPage" adtech tool is not, in fact, a dangerous kernel-level malware — but that's just subterfuge.

### Summary An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessing resources in a private tenant, leading to potential data being revealed. ### Impact The lack of proper access control validation for private tenant resources in the OpenSearch observability and reporting plugins can lead to unintended data access. If an authorized user with observability or reporting roles is aware of another user's private tenant resource ID, such as a notebook, they can potentially read, modify, or take ownership of that resource, despite not being the original author, thus impacting the confidentiality and integrity of private tenant resources. The impact is confined to private tenant resources, where authorized users may gain inappropriate visibility into data intended to be private from other users within the same OpenSearch instance, potentially violatin...

Digital literacy and protective measures will be key to detecting disinformation and deepfakes as AI is used to shape public opinion and erode trust in the democratic processes, as well as identify nefarious content.

Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous installer ("HotPage.exe"), according to new findings from ESET. The