privilege
-
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to…
Read More » -
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is…
Read More » -
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw…
Read More » -
New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits
A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads…
Read More » -
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by…
Read More » -
Webinar: The Art of Privilege Escalation – How Hackers Become Admins
In the digital age, the battleground for security professionals is not only evolving, it’s expanding at an alarming rate. The…
Read More » -
29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million…
Read More » -
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its…
Read More » -
Microsoft’s January 2024 Windows Update Patches 48 New Vulnerabilities
Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for…
Read More » -
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be…
Read More »