Silverwizard | Display

buherator

1 week ago • •

buherator
1 week ago • •

OK I think this (via @cR0w) deserves some more attention ( #CrowdStrike CVE-2025-1146):

crowdstrike.com/security-advis…

In short, Crowd Strike agents on Linux can be MitM'd when they connect to their mothership (CS cloud).

My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?

I present my second Q as a meme for higher reach:

Anakin-Padme meme:
A: Our traffic can be MitM'd
P: But executable updates are signed, right?
A: ...
P: ...

CVE 2025-1146 - crowdstrike.com

^CrowdStrike

#crowdstrike @cR0w

in reply to buherator

silverwizard

in reply to buherator • 1 week ago from ZoobopDeDoDop! •

@buherator @cR0w

CrowdStrike identified this issue through our longstanding, rigorous security review process

Well I'm glad this is going well

@cR0w @buherator

like this

in reply to silverwizard

buherator

in reply to silverwizard • 1 week ago • •

@silverwizard To be fair, they could've pushed a silent patch...

@silverwizard

silverwizard likes this.

in reply to buherator

cR0w

in reply to buherator • 1 week ago • •

@silverwizard That's true. The wording on it is very self-backpatty though.

@silverwizard

silverwizard likes this.

in reply to cR0w

silverwizard

in reply to cR0w • 1 week ago from ZoobopDeDoDop! •

@cR0w @buherator Especially after the recent review of their patching process

@cR0w @buherator

cR0w likes this.

in reply to cR0w

buherator

in reply to cR0w • 1 week ago • •

@silverwizard PR has to show their worth, I'm pretty sure this wasn't composed by the offensive team

@silverwizard

silverwizard likes this.

in reply to buherator

cR0w

in reply to buherator • 1 week ago • •

@silverwizard Of course. But the face of the company is the face of the company and criticism and mockery are fair, especially given the history of the org.

@silverwizard

like this

⇧