I would look at CISA’s Logging Made Easy project, which is based on Wazuh and Elastic with Kibana for visualization and dashboards.
- 0 Posts
- 5 Comments
Joined 1 year ago
Cake day: November 10th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
You definitely should bump it up the list, especially if you can handle ray tracing, though the raster lighting is also good.
Shouldn’t be this hard to find out the attack vector.
Buried deep, deep in their writeup:
RocketMQ servers
- CVE-2021-4043 (Polkit)
- CVE-2023-33246
I’m sure if you’re running other insecure, public facing web servers with bad configs, the actor could exploit that too, but they didn’t provide any evidence of this happening in the wild (no threat group TTPs for initial access), so pure FUD to try to sell their security product.
Unfortunately, Ars mostly just restated verbatim what was provided by the security vendor Aqua Nautilus.
Digital signature as a means of non repudiation is exactly the way this should be done. Any official docs or releases should be signed and easily verifiable by any public official.
Sigh, clickbait at its finest, why else would we click