Observed Agent Sandbox Bypasses
https://voratiq.com/blog/yolo-in-the-sandbox/
#HackerNews #ObservedAgentSandbox #Bypasses #Security #Research #Cybersecurity #Threats #Exploit #Techniques
#Bypasses
:linux: New Ubuntu Linux Security Bypasses require manual Mitigations.
Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components.
#ubuntu #linux #bypasses #it #security #privacy #engineer #media #tech #news
![The three issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has them active by default. [Linux user namespaces allow users to act as root inside an isolated sandbox (namespace) without having the same privileges on the host.]
Researchers at cloud security and compliance company Qualys provides technical details for the three bypass methods.
<http://www.qualys.com/2025/three-bypasses-of-Ubuntu-unprivileged-user-namespace-restrictions.txt>
⚠️In a bulletin published on the official discussion forum [Ubuntu Discourse], the company shared the following hardening steps that administrators should consider:⚠️
• Enable kernel.apparmor_restrict_unprivileged_unconfined=1 to block aa-exec abuse. [not enabled by default]
• Disable broad AppArmor profiles for busybox & Nautilus, which allow namespace creation.
• Optionally apply a stricter bwrap AppArmor profile for applications like Nautilus that rely on user namespaces.
• Use aa-status to identify and disable other risky profiles.
<https://discourse.ubuntu.com/t/understanding-apparmor-user-namespace-restriction/58007>](https://files.mastodon.social/cache/media_attachments/files/114/274/295/733/416/069/original/3f70658994e2603e.jpeg)
OSS-SEC: Three bypasses of Ubuntu's unprivileged user namespace restrictions
https://seclists.org/oss-sec/2025/q1/253
#HackerNews #OSSSEC #Ubuntu #Security #Vulnerabilities #UserNamespace #Bypasses #OpenSource
"Reeves’s Commons statement will not mark the end of the review process on the government’s hunt for cuts, but will set out the first projects to be axed or curtailed."
#UKpolitics #Bypasses #Potholes #Rail #Hospitals #Stonehenge
New Variant of #DLL Search Order Hijacking #Bypasses #Windows 10 and 11 #Protections
https://thehackernews.com/2024/01/new-variant-of-dll-search-order.html
Silly #EDR #Bypasses and Where To Find Them
https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them.html
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst