Conversation
buherator

buherator

OK I think this (via @cR0w) deserves some more attention ( #CrowdStrike CVE-2025-1146):

https://www.crowdstrike.com/security-advisories/cve-2025-1146/

In short, Crowd Strike agents on Linux can be MitM'd when they connect to their mothership (CS cloud).

My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?

I present my second Q as a meme for higher reach:
1
5
15
silverwizard@convenient.email

silverwizard

Reply to @buherator

@buherator @cR0w

CrowdStrike identified this issue through our longstanding, rigorous security review process


Well I'm glad this is going well

1
0
0
buherator

buherator

Reply to @silverwizard@convenient.email
@silverwizard @cR0w To be fair, they could've pushed a silent patch...
0
0
2
buherator

buherator

Reply to
@cR0w @silverwizard PR has to show their worth, I'm pretty sure this wasn't composed by the offensive team
0
0
2
silverwizard@convenient.email

silverwizard

Reply to
@cR0w @buherator Especially after the recent review of their patching process
0
0
0
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.