Artikel

Follina (CVE-2022-30190)
Follina (CVE-2022-30190)2. Juni 2022

Follina ist eine neu entdeckte Schwachstelle, die das Microsoft Support Diagnostic Tool (MSDT) mit Hilfe von speziell erstellten Microsoft Office und Rich-Text-Format-Dateien ausnutzt. Es handelt sich dabei um eine RCE-Schwachstelle, die es einem Angreifer erlaubt, Schadcode auf dem System auszuführen.

Artikel auf Englisch

Write-up: Dirty Money - Operator
Write-up: Dirty Money - Operator18. Juli 2022

The HackTheBox Business CTF 2022 featured two cloud challenges. The harder one was Operator, which we will present in the following. Fasten your seatbelts as this will be kind of a ride!

Kubewarden 1.0.0: Yay or Nay?
Kubewarden 1.0.0: Yay or Nay?12. Juli 2022

Kubewarden, an only recently admitted CNCF sandbox project, has had its first stable release on 22nd of June, 2022 — a perfect time to have a quick look at it. What is Kubewarden? In short: Kubewarden is an admission controller for Kubernetes (stylized as K8s), that tries to replace the now deprecated Pod Security Policies and unify the current ecosystem by supporting both versions of Rego policies (used by Open Policy Agent and OPA gatekeeper).