
Vulnerability

Critical Capabilities for Mobile Vulnerability Management

As organizations enable employees to work remotely, mobile devices and wireless networks will be key tools for maintaining communication and remaining productive. Allowing employees to work productively from any device and any location can open users to the risks that come with the shared nature of a mobile device. When your employees work from a personal device with access to corporate data, the device's health must be taken into account. It must be assessed for compliance with corporate security and risk policies.

The PwnKit vulnerability: Overview, detection, and remediation

On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. On the same day as the announcement, a proof-of-concept (PoC) exploit was built and published by the security research community.

Detecting and mitigating CVE-2021-4034: "Pwnkit" local privilege escalation

A new advisory from Qualys discloses a local privilege escalation bug in the SUID-set program ‘pkexec’. The flaw has been assigned the CVE ID CVE-2021-4034 and nicknamed “pwnkit” by the vulnerability finders. The CVSSv3 base score is calculated to be a high 7.8 out of 10.0. The vulnerable program is a part of Polkit, which manages process privileges.

CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability

During an investigation of a malware campaign, I discovered that multiple emails were bypassing a specific email security system. Interestingly, there were no bypass techniques used. Instead, the flood of spear-phishing emails made the email security system allow some of the emails, at which point I began my research on Microsoft Outlook. The issue in this case was that the specially crafted malicious link parsing on the security system was weak.

Outpost24 Webinar - API security 101 and how to secure your web applications

APIs are a key part of modern web applications and a growing security challenge that isn’t well understood by developers and application security managers, leading to exposed APIs that give hackers access to sensitive data. Find out how to secure your APIs and prevent vulnerabilities from making it into production.

CVE-2021-4034: A Walkthrough of Pwnkit - the Latest Linux Privileges Escalation Vulnerability

Since 2009, more than 12 years ago, all major Linux distributions have been incorporating a high-severity security hole that remained unnoticed until just recently. The vulnerability and exploit, dubbed “PwnKit” (CVE-2021-4034), uses the vulnerable “pkexec” tool and allows a local user to gain root privileges on the affected host. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems.

Press information: Detectify sees significant increase in detected vulnerabilities powered by its Crowdsource community

“Crowdsourced security provides a way for security teams to expand their efficiency, especially when it comes to managing their external attack surface,” said Rickard Carlsson, Co-founder and CEO of Detectify. “Hackers have eyes and ears all over the web, and they’re constantly monitoring attack surfaces for exploitable entry points.

Log4Shell in the Field - A Brief Analysis Through January 2022

This is a follow-up to our previous blogposts covering the Log4j vulnerability and the Deep Scan tool we made available to help identify vulnerable systems. As we close the first month of 2022, we looked into the activity related to the Log4Shell vulnerability CVE-2021-44228 observed across our 2,3000+ customers. Many of you will empathize with the struggle to find all instances of the vulnerable Log4j component, especially at the scale that comes with having a large customer base.

Trustwave Threat Hunting Guide: Identifying PwnKit (CVE-2021-4034) Exploitation

The Trustwave Threat Hunting team has authored a practical guide to help the cybersecurity community address the Linux “polkit” Local Privilege Escalation vulnerability (CVE-2021-4034) by identifying common behavior in exploitation.