MERGE CONFLICT DIGEST
Thursday, September 11, 2025
Infrastructure & Services 🏗️
The Golden dMSA technique allows threat actors to establish domain persistence despite Microsoft's introduction of Windows Server 2025's delegated Managed Service Account (dMSA) feature. To detect this exploit, SOC teams should enable logging and engineer detection rules, adopting a defense-in-depth approach. Enabling auditing for KDS Root Keys is also recommended.
Organizations must take ownership of their data and applications in the cloud to ensure compliance with regulatory requirements like PCI-DSS and HIPAA. Cloud providers play a role, but organizations are responsible for implementing best practices such as data classification, access controls, and incident response to meet security obligations effectively.
Security & Vulnerabilities 🛡️
GitLab has released patch versions 18.3.2, 18.2.6, and 18.1.6, addressing critical security vulnerabilities and bugs. These updates, for self-managed installations, include fixes for denial-of-service attacks, information disclosure, and other issues. They require no downtime and offer detailed information for upgrading to ensure system stability.
A vulnerability in ArgoCD allows attackers to exfiltrate Git credentials by creating a malicious DNS record that redirects the repository server to an attacker-controlled service. This bypasses authentication checks and enables capture of GitHub credentials and JWT tokens through HTTP/HTTPS connections, all facilitated by the "Argexfil" proxy service setup.
Data & Analytics 📊
Linux theming faces significant challenges due to a lack of cooperation among developers, making it difficult to achieve a consistent experience and leaving users frustrated. The author likens this to "The Rice of Babel," where avoidable issues hinder proper customization, with instability and unsatisfactory solutions plaguing GUI programs across desktop environments.
A new benchmark has been set for Linux gaming performance on AMD Radeon graphics cards, with games like Cyberpunk 2077 and Red Dead Redemption 2 delivering smooth experiences. The author highlights various configurations and a compatibility issue with one game, but notes that Terminator Resistance runs well, showcasing the platform's potential.
DevOps & Operations 🚀
A new Kubernetes feature allows users to store environment variables in a file within an emptyDir volume, simplifying app authoring and opening up new use cases. To use this feature, users define their variables in the pod spec using a fileKeyRef field, ensuring sensitive data is protected against unauthorized access.
Industry & Business 💼
The author of RekoSearch, a SaaS platform for semantic search, spent 18 months building it after facing numerous technical challenges such as authentication and scalability issues. They overcame these obstacles using AWS services and the Rust programming language, gained significant knowledge along the way, and now work on improving RekoSearch with new features like API key systems.
Browser & Platform 🌐
The Jenkins Update Center will begin enforcing HTTPS protocol on August 6, 2025, impacting all users without causing functional changes. This change follows previous automatic migrations and ensures controllers using HTTPS for the Update Center are updated. Users with outdated configurations or plain-HTTP requests will be redirected to HTTPS.
Published by Merge Conflict Digest