// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRF-01DTG 0600Z
ColdRecon / Brief Archive / Week of January 29, 2024
Signal Brief · Archived

Week of January 29, 2024

2024-01-29 — 2024-02-04 · 2 PUBLIC EVENTS · GENERAL / NON-PERSONALIZED

In the week of January 29, 2024, ColdRecon logged 2 public endpoint-security events from open-source reporting — 1 research poc, 1 vuln disclosure. Vendors in the record this week: Microsoft, ESET.

The Week's Public Record

Events

2024-02-01
research poc
Practical BitLocker Bypass via TPM Bus Sniffing on Business LaptopsBitLocker TPM Sniffing
Researchers demonstrate a practical, low-cost attack to bypass Microsoft BitLocker's default TPM-only encryption on modern business laptops. By physically sniffing the communication bus between the discrete TPM chip and the CPU, the Volume Master Key (VMK) can be intercepted, allowing decryption of the disk. The attack requires physical access and works against common enterprise devices like Lenovo ThinkPads, HP EliteBooks, and Microsoft Surfaces.
2024-01-31
vuln disclosure
Unquoted Service Path Privilege Escalation in ESET Products for WindowsCVE-2023-7043
CVE-2023-7043 is a low-severity unquoted service path vulnerability in multiple ESET products for Windows. An attacker with local access and low privileges can place a malicious executable in a specific path, which then runs with NetworkService privileges on boot. This could allow limited privilege escalation and integrity impact.
Every event in this brief is a record in ColdRecon's canonical set, drawn from public open-source reporting and linked to its source. This is the general, non-personalized signal — published 7 days after the fact. The live daily brief, written for your deals, is for cleared officers.

This is last week, public. Get this morning's, written for you.

The live ColdRecon brief lands at 0600 daily — the same signal, filtered to your competitors and framed for your deals. Request clearance and tomorrow's is yours.

Request Clearance →