Showing Posts From
April 2024
-
Max Keasley - 12 Apr 2024
Exploiting the AWS Client VPN on macOS for Local Privilege Escalation (CVE-2024-30165)
A local privilege escalation vulnerability was discovered in AWS Client VPN 3.9.0 for macOS. The flaw stemmed from an XPC service lacking proper client verification, allowing an attacker to uninstall the application and execute malicious scripts with root privileges. The vulnerability enabled unauthorized root-level actions through the XPC service's insufficient validation of message origins.
-
Mohit Gupta - 10 Apr 2024
Abusing search permissions on Docker directories for privilege escalation
A privilege escalation vulnerability was discovered in Docker environments where the /var/lib/docker directory has search permissions for other users. Low-privileged attackers can access container filesystems by exploiting these permissions. By modifying container startup scripts and leveraging host reboot capabilities, attackers can potentially gain root access on the host system.
- Benjamin Hull
Donato Capitella - 8 Apr 2024
Domain-specific prompt injection detection
A domain-specific machine learning approach was developed to detect prompt injection attacks in job application contexts using a fine-tuned DistilBERT classifier. The model was trained on a custom dataset of job applications and prompt injection examples, achieving approximately 80% accuracy in identifying potential injection attempts. The research highlights the challenges of detecting prompt injection in large language models and emphasizes that such detection methods are just one part of a comprehensive security strategy.