With the recent release of Ubuntu 24.04, we at Snyk Security Labs thought it would be interesting to examine the latest version of this Linux distribution to see if we could find any interesting privilege escalation vulnerabilities. I’ll let the results speak for themselves: During our research, we successfully identified a privilege escalation from the default user on a fresh Ubuntu Desktop installation to root.

Security spending is losing momentum with a third of CISOs reporting flat or reduced budgets this year. These numbers come from a recent annual survey of 755 cybersecurity decision-makers conducted by IANS Research. Decreased spending in the face of growing cyberattacks put pressure on security leaders to find better ways to optimize their processes. Fortunately, CISOs are discovering solutions for this problem by following the tried-and-true tactics of simplification, consolidation, and innovation.

With organizations continuing to build and enhance their mobile applications and developers embracing new ways of building applications to improve the speed to market and customer experiences, billions of dollars are invested in Appsec tools. However, 85% of these applications still contain known vulnerabilities, and most breaches occur at the application layer. Automated DAST helps in combating such vulnerabilities.

To use an authenticator app, you will need to choose one that suits your security preferences, scan the QR code or enter the key, securely store your backup codes and sign in to your account. An authenticator app verifies your identity by generating random numeric codes that you will enter with your username and password to access an account.

If you’ve realized your bank account got hacked, you are most likely panicked and want to secure your finances as soon as possible. You may even be wondering how something like this could have happened to you. Your bank account could have gotten hacked due to various cyber attacks, including brute force, phishing, SIM swapping, credit card skimming or Man-in-the-Middle (MITM).

I worry that a lot of my blog posts reveal that I’m getting older and older as the days go by, but I wanted to talk about teasmades and security automation. For those of you outside of the UK, and even those born in the UK within the past 30 years, there’s a distinct possibility you may read this and consider it to be a made-up word, but there is indeed such a thing as a teasmade – effectively a small machine for making tea that has a timer on it.

Traditional cybersecurity solutions are constantly being supplemented and enhanced by new technology and practices. Industry leaders know that keeping up with digital security advancements is the best way to ensure the success of every company and that customers rely on them. Understanding how experts merge cybersecurity and automation in different industries is an excellent way to embrace this expanding movement.

This piece answers whether the built-in security of macOS is enough to forgo a third-party antivirus solution, and how admins can document that security for a SOC 2 audit.

In this tutorial, we’ll break down how you can use osquery’s ATC feature to expand osquery’s data collection capabilities.