DevSec Selection #14 – CORS, ArtiPACKED Race Condition, 1Password CVE

August 18, 2024

Intro

Hi everyone!

In this edition, I highly recommend an article about Cross-Origin Resource Sharing (CORS). It’s an excellent resource for web application developers and web security enthusiasts, as it covers the fundamental aspects of CORS in detail.

If you’re interested in CI/CD security or use GitHub services, I suggest checking out the ArtiPACKED research conducted by Palo Alto’s Unit 42. This research uncovers interesting security issues that could allow the exfiltration of GitHub tokens from CI jobs.

On the less technical side, you’ll find an article discussing CrowdStrike’s legal actions against entities criticizing the global IT outage caused by the vendor. Additionally, I’ve included information about a 1Password CVE affecting macOS users – update recommended.

Enjoy the materials and stay secure!

Materials

What is CORS, and why is it needed for modern web applications? CORS (Cross-Origin Resource Sharing) is a crucial mechanism for secure web applications. It allows servers to control which origins can access their resources, enhancing security. This article explains CORS comprehensively, addresses common pitfalls, and offers implementation tips for developers, especially beginners.
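As an added illustration of the server-side control the article describes (example code written for this edition, not taken from the article), here is a Node.js allow-list check for the Origin header, with the common pitfall of reflecting any origin alongside a strict exact-match version; the allowed origins are constructed values.

```javascript
// Added example: CORS origin decision on the server side.
// Constructed allow-list of trusted origins (scheme + host + port, matched exactly).
const ALLOWED_ORIGINS = new Set([
  "https://app.example.com",
  "https://admin.example.com",
]);

// Weak pattern: reflect whatever Origin the browser sends and also allow
// credentials. Any site can then read authenticated responses cross-origin.
function corsHeadersReflecting(origin) {
  if (!origin) return {};
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
  };
}

// Hardened pattern: exact-match the Origin against the allow-list. Substring or
// suffix checks are the classic mistake ("https://app.example.com.evil.test"
// ends with "example.com"); Set.has() avoids that. Vary: Origin keeps shared
// caches from serving one origin's CORS headers to another.
function corsHeadersStrict(origin) {
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    return {}; // no Access-Control-Allow-Origin: the browser blocks the read
  }
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
    "Access-Control-Allow-Methods": "GET, POST",
    "Access-Control-Allow-Headers": "Content-Type, Authorization",
    "Vary": "Origin",
  };
}

// Request handler wiring the strict check in; answers preflight (OPTIONS) too.
// Suitable for http.createServer(handleRequest).listen(port).
function handleRequest(req, res) {
  const headers = corsHeadersStrict(req.headers.origin);
  if (req.method === "OPTIONS") {
    res.writeHead(204, headers);
    return res.end();
  }
  res.writeHead(200, { ...headers, "Content-Type": "application/json" });
  res.end(JSON.stringify({ ok: true }));
}
```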

Who is using legal threats to suppress criticism and parody of a global IT outage and facing backlash from their customers? CrowdStrike. The article discusses CrowdStrike’s attempts to take down parody websites and criticism, including threats against customers like Delta. It highlights the potential legal battles and financial implications for CrowdStrike as a major player in the cybersecurity industry.

This article discusses how GitHub Actions artifacts can expose sensitive tokens, potentially allowing malicious actors to push code changes or access credentials. Vulnerable projects owned by major companies were identified and secured. Learn about the risks, the methods to protect against them, and a potential race condition exploit made possible by GitHub’s new artifact features.

What is cyber threat intelligence and how can you build it for free at home? This article explains the importance of threat intelligence in identifying cyber attacks, understanding indicators of compromise and advanced persistent threats. It introduces OpenCTI, an open-source platform for managing cyber threat intelligence data, and provides a guide to setting it up using Docker to access threat feeds, IOCs, and more. Ideal for those interested in enhancing their cybersecurity knowledge and skills.

How can developers fix vulnerabilities faster and more efficiently? Learn about GitHub’s AI-powered remediation tool, Copilot Autofix, which helps developers analyze and fix vulnerabilities quickly. This tool significantly reduces the time it takes to remediate security issues, improving code security outcomes. Developers have reported a 3x faster fix rate, simplifying the process of addressing security vulnerabilities in both new and existing code. Copilot Autofix streamlines security tasks, providing explanations and code suggestions to enhance code security and productivity.

Learn how a type confusion bug (CVE-2024-5830) in the V8 engine leads to RCE. Understand how object maps and transitions work in V8, which are crucial for optimizing property access. Recommended for developers interested in Chrome security and JavaScript engine fundamentals.

A security issue in 1Password allowed attackers to bypass macOS security mechanisms, potentially stealing sensitive information. Users of 1Password versions before 8.10.38 should update to prevent exploitation. This attack requires local access and no user interaction but doesn’t directly access other computer resources. Special thanks to Robinhood’s Red Team for responsibly disclosing the issue.

Interesting Article?

Join DevSec Selection!

DevSec Selection is a bi-weekly newsletter with the latest outstanding articles related to DevSecOps and application security.
