RC RANDOM CHAOS

cicd-security

2 posts

dd writes raw sectors below the filesystem
Article

dd writes raw sectors below the filesystem

Why the Unix dd command is a real security primitive: raw block writes below the filesystem, wiper TTPs, exfiltration, and the telemetry gap defenders miss.

How Trust in Open-Source Updates Becomes a Systemic Failure Mode
Article

How Trust in Open-Source Updates Becomes a Systemic Failure Mode

A structural analysis of how trust in open-source updates becomes exploitable when systems assume past safety implies future safety, using the Trivy compromise as a case study.