Crestvale Newsroom

GhostLock kernel bug lets users get root

6 min · I går
episode GhostLock kernel bug lets users get root cover

Description

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] A long standing Linux kernel bug is now a reliable privilege escalation path, just as patch timelines are collapsing and attackers begin operating at machine speed. This episode breaks down what changed and why it matters right now. For security and IT leaders, the message is consistent across all stories. Speed is now a primary control. Slow patch cycles, weak visibility into kernel versions, and delayed detection after identity compromise all translate directly into risk. At the same time, early examples of autonomous attack chains suggest defenders are no longer dealing with human paced intrusions. We also cover shifts in ransomware targeting, supply chain exposure from major vendors, and why identity hygiene continues to drive most breaches. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Comments

0

Be the first to comment

Sign up now and become a member of the Crestvale Newsroom community!

Get Started

1 month for 9 kr.

Then 99 kr. / month · Cancel anytime.

  • Podcasts kun på Podimo
  • 20 lydbogstimer pr. måned
  • Gratis podcasts

All episodes

171 episodes

episode Gitea Docker auth bypass exploited in wild artwork

Gitea Docker auth bypass exploited in wild

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] Today's episode focuses on a pattern that keeps repeating: when identity breaks, everything behind it is exposed. A Gitea configuration flaw allows full account impersonation, UniFi vulnerabilities open paths to remote code execution, and a breach claim highlights the real value of stolen tokens over raw data. For security and IT leaders, this is about control of trust boundaries. Defaults can collapse authentication. Management planes remain high-risk targets. And long-lived credentials continue to expand blast radius when incidents happen. At the same time, AI agents are changing traffic patterns in ways that make traditional monitoring less reliable, forcing teams to rethink what "normal" even means. We also cover new funding in private AI infrastructure, rising ransomware activity, governance shifts, and national-scale monitoring expansion. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

13. juli 20266 min
episode GhostLock kernel bug lets users get root artwork

GhostLock kernel bug lets users get root

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] A long standing Linux kernel bug is now a reliable privilege escalation path, just as patch timelines are collapsing and attackers begin operating at machine speed. This episode breaks down what changed and why it matters right now. For security and IT leaders, the message is consistent across all stories. Speed is now a primary control. Slow patch cycles, weak visibility into kernel versions, and delayed detection after identity compromise all translate directly into risk. At the same time, early examples of autonomous attack chains suggest defenders are no longer dealing with human paced intrusions. We also cover shifts in ransomware targeting, supply chain exposure from major vendors, and why identity hygiene continues to drive most breaches. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Yesterday6 min
episode Fake Entra passkey enrollment steals Microsoft 365 artwork

Fake Entra passkey enrollment steals Microsoft 365

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] Passkeys are not being broken. They are being bypassed at enrollment. Attackers are using fake Microsoft Entra setup flows to trick users into binding attacker-controlled credentials, turning a security upgrade into an access grant. For security and IT leaders, this shifts the focus from authentication strength to identity lifecycle control. Enrollment, recovery, and device binding are now high-risk operations. At the same time, a CISA-linked secrets leak shows how basic controls still fail without enforcement, and Progress advising customers to shut down ShareFile controllers highlights the real-world impact of unmanaged infrastructure risk. Add in ransomware using a Microsoft-signed driver to disable defenses, and the pattern is clear: attackers are moving to the trust layers you assume are safe. Also covered: a major credential-driven breach, insider risk in incident response, WordPress plugin compromise, Citrix exploitation markets, and growing regulatory concern around AI-driven cyber risk. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

11. juli 20266 min
episode Wiz: GhostApproval breaks AI coding sandboxes artwork

Wiz: GhostApproval breaks AI coding sandboxes

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] AI coding assistants are introducing a new class of risk by reusing old attack techniques in ways most teams are not prepared for. A recent finding shows these tools can be tricked into writing outside their sandbox, while still showing safe paths to users, breaking the trust model many teams rely on. This matters because AI agents are now embedded in developer workflows with real access to code and systems. If their guardrails are unreliable, they become a new execution layer that must be treated as untrusted. At the same time, regulators in Europe are escalating enforcement, and identity-driven breaches continue to expose how fragile access controls remain. Also covered: NIS2 enforcement actions, a 6.9 million record breach tied to a single employee account, and rising risks across AI supply chains and credential exposure. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

10. juli 20265 min
episode HalluSquatting weaponizes coding agents via fake packages artwork

HalluSquatting weaponizes coding agents via fake packages

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] AI coding agents are introducing a new kind of risk: silent, large-scale code execution driven by model hallucination. Attackers are exploiting this behavior by registering fake packages that agents are likely to fetch and run, turning development environments into entry points without any user interaction. This matters because it shifts security from user-driven mistakes to system-level trust failures. At the same time, a reported Accenture breach highlights how exposed tokens and keys can create downstream risk across entire client ecosystems. Meanwhile, IBM and Red Hat are pushing signed, pre-remediated dependencies to move security earlier in the software supply chain, and new data shows identity weaknesses still dominate real attack paths. Also covered: a long-standing Linux flaw, a major credential-driven breach, autonomous SOC response, unpatched edge devices, and evolving AI phishing tactics. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

9. juli 20266 min