Kubernetes, IoT, Linux, Facebook, Signal vs Cellebrite
Unit42 has a detailed report on how to brick a Kubernetes cluster with a malicious image.
Forescout Research Lab studied the problem of insecure DNS in IoT devices and disclosed NAME:WRECK.
Linux kernel maintainers have decided to ban the University of Minnesota for code contribution because they have been stealthily submitting malicious patches multiple times in order to support their research.
Facebook accidentally shared an internal email with Data News, a Belgium news media, on their strategy for dealing with the data scrapping which leads to 533 million user data being sold on a hacking forum.
Signal published their security assessment against Cellebrite, and suggesting mutually “responsibly disclose the specific vulnerabilities we know about to Cellebrite if they do the same for all the vulnerabilities they use in their physical extraction and other services to their respective vendors, now and in the future”.