Vulnerability

Fun with ciphers in copycat Wordles

Feb 2, 2022 By Micah Silverman In Snyk

Here at Snyk, we spend a lot of time researching vulnerabilities. We do that because there are a lot of other folks out there researching new ways to break into apps and systems. We’re often putting on our “grey hats” to think like a malicious hacker. I regularly view-source, look at network traffic and eyeball query strings. One such delicious little query string caught my attention this week on one of the many copycat Wordle sites.

Read Post

Snyk

Read more about Fun with ciphers in copycat Wordles

Log4Shell Live Hack: A Hands-on, Actionable Fix Guide

Feb 2, 2022 By Snyk In Snyk

In this live hack webinar on the Log4Shell exploit we give a brief overview of the vulnerability and dive right into some examples of the exploit in action. We then show several real-world remediation approaches as well as other fixes outside of code. We feature a final round of fun demos, including container and IaC hacks and Java-based game hacks. We wrap up with a great list of takeaway resources and answer your questions.

View Video

Snyk

Read more about Log4Shell Live Hack: A Hands-on, Actionable Fix Guide

Top 10 Uses of Website Vulnerability Scanner Tools

Feb 2, 2022 By Indusface In Indusface

The average cost of data breaches in 2021 was USD 4.24 million, the highest figure in at least 17 years. So, proactive, accurate, and effective identification of security vulnerabilities is non-negotiable and offers a solid basis for adequate security. By proactively identifying these vulnerabilities, weaknesses, and flaws in the application, website vulnerability scanner tools bring accuracy and efficiency in web application security.

View Video

Indusface

Read more about Top 10 Uses of Website Vulnerability Scanner Tools

Log4j Update: Brian Roche - Chief Product Officer

Feb 1, 2022 By Veracode In Veracode

Things we learned from the Log4j vulnerability.

View Video

Veracode

Read more about Log4j Update: Brian Roche - Chief Product Officer

The Impact of CVE-2022-0185 Linux Kernel Vulnerability on Popular Kubernetes Engines

Feb 1, 2022 By Itay Vaknin and Jonathan Sar Shalom In JFrog

Last week, a critical vulnerability identified as CVE-2022-0185 was disclosed, affecting Linux kernel versions 5.1 to 5.16.1. The security vulnerability is an integer underflow in the Filesystem Context module that allows a local attacker to run arbitrary code in the context of the kernel, thus leading to privilege escalation, container environment escape, or denial of service.

Read Post

JFrog

Read more about The Impact of CVE-2022-0185 Linux Kernel Vulnerability on Popular Kubernetes Engines

Snyk integrates with AWS CloudTrail Lake to simplify security audits

Feb 1, 2022 By David Lugo, David Schott In Snyk

Since organizations around the globe began investing more aggressively in their digital transformation by migrating and modernizing applications within the cloud, the value of audit logging has shifted. It has expanded from industries like finance and healthcare to nearly any company with a digital strategy.

Read Post

Snyk

Read more about Snyk integrates with AWS CloudTrail Lake to simplify security audits

Hunting pwnkit Local Privilege Escalation in Linux (CVE-2021-4034)

Feb 1, 2022 By Andrew Munchbach In CrowdStrike

In November 2021, a vulnerability was discovered in a ubiquitous Linux module named Polkit. Developed by Red Hat, Polkit facilitates the communication between privileged and unprivileged processes on Linux endpoints. Due to a flaw in a component of Polkit — pkexec — a local privilege escalation vulnerability exists that, when exploited, will allow a standard user to elevate to root.

Read Post

CrowdStrike

Read more about Hunting pwnkit Local Privilege Escalation in Linux (CVE-2021-4034)

CVE-2021-44142: Vulnerability in Samba Enables Bad Actors to Execute Arbitrary Code as Root

Feb 1, 2022 By Miriam Iomin In Mend

A number of security vulnerabilities have been identified on the popular freeware, Samba, which implements the Server Message Block (SMB) protocol that allows users to access files, printers, and other commonly shared resources over a network. These flaws enable remote attackers the ability to execute arbitrary code with the highest privileges on affected installations. The most prominent is CVE-2021-44142, which affects all versions of Samba before 4.13.17.

Read Post

Mend

Read more about CVE-2021-44142: Vulnerability in Samba Enables Bad Actors to Execute Arbitrary Code as Root

CVE-2022-0185: Kubernetes Container Escape Using Linux Kernel Exploit

Jan 31, 2022 By Manoj Ahuje In CrowdStrike

On Jan. 18, 2022, researchers found a heap base buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions.

Read Post

CrowdStrike

Read more about CVE-2022-0185: Kubernetes Container Escape Using Linux Kernel Exploit

Analyzing the PwnKit local privilege escalation exploit

Jan 29, 2022 By Kyle Suero, Matt Jarvis In Snyk

What do Linux vulnerabilities and natural disasters have in common? Something seemingly dormant can suddenly spring to life, exposing activity beneath the surface. Several days ago, a security researcher published a high-severity vulnerability named PwnKit that impacts most major Linux distributions. The scary part? It’s existed since May of 2009. Polkit is a component for controlling privileges in Unix-like operating systems and is included by default on most major Linux distributions.

Read Post