cicd-security
2 posts
Article
dd writes raw sectors below the filesystem
Why the Unix dd command is a real security primitive: raw block writes below the filesystem, wiper TTPs, exfiltration, and the telemetry gap defenders miss.
Article
How Trust in Open-Source Updates Becomes a Systemic Failure Mode
A structural analysis of how trust in open-source updates becomes exploitable when systems assume past safety implies future safety, using the Trivy compromise as a case study.