Tag
## Impact If a malicious actor is able to trigger Trivy to scan container images from a crafted malicious registry, it could result in the leakage of credentials for legitimate registries such as AWS Elastic Container Registry (ECR), Google Cloud Artifact/Container Registry, or Azure Container Registry (ACR). These tokens can then be used to push/pull images from those registries to which the identity/user running Trivy has access. Taking AWS as an example, the leakage only occurs when Trivy is able to transparently obtain registry credentials from the default [credential provider chain](https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#specifying-credentials). You are affected if Trivy is executed in any of the following situations: - The environment variables contain static AWS credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN) that have access to ECR. - Within a Pod running on an EKS cluster that has been assigned a role with access to ECR using an [...
By Deeba Ahmed "Linguistic Lumberjack" Threatens Data Breaches (CVE-2024-4323). Patch now to shield your cloud services from information disclosure, denial-of-service, or even remote takeover. This is a post from HackRead.com Read the original post: Fluent Bit Tool Vulnerability Threatens Billions of Cloud Deployments
This week on Lock and Code, we talk about what people lose when they let AI services make choices for dinners, reservations, and even dating.
By Waqas New Android Malware "Antidot" disguises itself as Google Update to steal banking info. Don't click suspicious update links! Download apps only from Google Play & keep software updated. This is a post from HackRead.com Read the original post: New Antidot Android Malware Poses as Google Update to Steal Funds
Plus: Three arrested in North Korean IT workers fraud ring, Tesla staffers shared videos from owners’ cars, and more.
A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the `eval` function unsafely in the `litellm.get_secret()` method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the `eval` function without any sanitization. Attackers can exploit this vulnerability by injecting malicious values into environment variables through the `/config/update` endpoint, which allows for the update of settings in `proxy_server_config.yaml`.
By Uzair Amir Discover time-saving document merging strategies for professionals. Learn how to streamline workflows, enhance collaboration, and protect document integrity for increased productivity and peace of mind. This is a post from HackRead.com Read the original post: Efficient Document Merging Strategies for Professionals
By Waqas New HP report reveals cybercriminals are increasingly leveraging "cat-phishing" techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware. This is a post from HackRead.com Read the original post: HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
Here’s a rundown of some things you may have missed if you weren’t able to stay on top of the things coming out of the conference.
Debian Linux Security Advisory 5689-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-4761 exists in the wild.