Hacker News
- Mashing Enter to bypass full disk encryption with TPM, Clevis dracut and systemd https://pulsesecurity.co.nz/advisories/tpm-luks-bypass 127 comments
- Zerotier – multiple vulnerabilities lead to private network access https://pulsesecurity.co.nz/advisories/Zerotier-Private-Network-Access.html 42 comments
- Extracting Bitlocker Keys from a TPM https://pulsesecurity.co.nz/articles/TPM-sniffing 40 comments
Lobsters
- Mashing Enter to bypass full disk encryption with TPM, Clevis, dracut and systemd https://pulsesecurity.co.nz/advisories/tpm-luks-bypass 3 comments security
- OMGCICD - Attacking GitLab CI/CD via Shared Runners https://pulsesecurity.co.nz/articles/OMGCICD-gitlab 6 comments programming
- OMGCICD - Attacking GitLab CI/CD via Shared Runners https://pulsesecurity.co.nz/articles/OMGCICD-gitlab 3 comments netsec
- Mashing Enter to bypass full disk encryption with TPM, Clevis, dracut and systemd https://pulsesecurity.co.nz/advisories/tpm-luks-bypass 12 comments programming
- Mashing Enter to bypass Linux full disk encryption with TPM, Clevis, dracut and systemd https://pulsesecurity.co.nz/advisories/tpm-luks-bypass 28 comments netsec
- Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking https://pulsesecurity.co.nz/advisories/Azure-Devops-Command-Injection 5 comments netsec
- A few Tailscale tricks for security testers https://pulsesecurity.co.nz/articles/some-tailscale-tricks 3 comments netsec
- You can still CSRF POST requests under the default browser SameSite cookie policy. How to jump through the required hoops. https://pulsesecurity.co.nz/articles/samesite-lax-csrf 4 comments netsec
- Zerotier - Multiple Vulnerabilities https://pulsesecurity.co.nz/advisories/Zerotier-Private-Network-Access 26 comments selfhosted
- Untitled Goose Game Insecure Deserialization/Code Execution https://pulsesecurity.co.nz/advisories/untitled-goose-game-deserialization 47 comments netsec
- Extracting BitLocker keys from a TPM https://pulsesecurity.co.nz/articles/tpm-sniffing 55 comments netsec