In the last few days, Linux maintainers disclosed a broadly available Linux kernel vulnerability that enables attackers to escape containers and get full control over the node. To be able to exploit this vulnerability, the attacker needs to be able to run code in the container and the container must have CAP_SYS_ADMIN privileges. Linux kernel and all major distro maintainers have released patches.

Did you know that the household data of 123 million Americans were recently stolen from Alteryx’s Amazon cloud servers in a single cyberattack? But the blame for this cannot fairly be laid at the feet of Jeff Bezos. No – the origin of this theft, and many other cybersecurity crimes began long before this data was uploaded to any cloud server. In another high-level cyberattack, financial data on 47,000 Americans was exposed on an S3 bucket from the US National Credit Federation in 2017.

Did you know that the household data of 123 million Americans were recently stolen from Alteryx’s Amazon cloud servers in a single cyberattack? But the blame for this cannot fairly be laid at the feet of Jeff Bezos. No – the origin of this theft, and many other cybersecurity crimes began long before this data was uploaded to any cloud server. In another high-level cyberattack, financial data on 47,000 Americans was exposed on an S3 bucket from the US National Credit Federation in 2017.

On June 23, 2021, threat actors reported that they had stolen a terabyte of data from Saudi Aramco, a state-owned oil company in Saudi Arabia. The threat actors released samples of data they had procured after redacting critical information. They also claimed to have detailed information on Aramco’s employees, such as their full names, photographs, passport scans, emails, phone numbers, residence permit (Iqama card) numbers, job titles, employee ID numbers, and family information.

Single sign-on, or SSO, is a valuable addition to your enterprise security arsenal. It doesn’t protect against every threat, but it can reduce your attack surface, lower IT costs, and provide a better login experience for your employees.

In what is being described as the most significant update to the scheme since it launched in 2014, the National Cyber Security Centre (NCSC) has announced that the technical controls for Cyber Essentials and Cyber Essentials Plus will be updated as of 24th January 2022. The change is to bring the scheme in-line with the evolving cyber security challenges that organisations now face, particularly around the adoption of cloud services and hybrid working.

The results from the 2021 Global Security Attitude Survey paint a bleak picture of how organizations globally are feeling about the cybersecurity landscape before them. Organizations are grappling with shortages of cybersecurity skills and a lack of capability to detect and contain intrusions in a timely way.

This week, Linux maintainers and vendors disclosed a heap overflow vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and Exposures ID of CVE-2022-0185 and is rated as a High (7.8) severity. The flaw occurs in the Filesystem Context system when handling legacy parameters. An attacker can leverage this flaw to cause a DDoS, escape container environments, and elevate privileges.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24.

In the wake of the takedown of the REvil/Sodinokibi ransomware gang by the Russian Federal Security Service (FSB) on January 14, Eastern-European cybercriminals are feeling the ground shake. In the days following the FSB action, Trustwave SpiderLabs researchers have analyzed a slew of Dark Web chatter and have found that this potential new world is breeding fear in that community.