Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Analyzing the PwnKit local privilege escalation exploit

Jan 29, 2022 By Kyle Suero, Matt Jarvis In Snyk

What do Linux vulnerabilities and natural disasters have in common? Something seemingly dormant can suddenly spring to life, exposing activity beneath the surface. Several days ago, a security researcher published a high-severity vulnerability named PwnKit that impacts most major Linux distributions. The scary part? It’s existed since May of 2009. Polkit is a component for controlling privileges in Unix-like operating systems and is included by default on most major Linux distributions.

Read Post
datadog

The PwnKit vulnerability: Overview, detection, and remediation

Jan 28, 2022 By Zack Allen In Datadog

On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. The same day of the announcement, a proof of concept (PoC) exploit was built and published by the security research community.

Read Post
teleport

What a Modern Privileged Access Management (PAM) Solution for Cloud-Native Applications Looks Like

Jan 28, 2022 By Sakshyam Shah In Teleport

Privileged Access Management (PAM) is a go-to solution to prevent privilege misuse and insider threats, and limit malware propagation. After all, properly protecting and monitoring the keys to the kingdom is always a good practice. Privileged Access Management has been even more critical in recent times. With the advent of the cloud where infrastructure is provisioned with a single API call and authenticated with a single API key, the risk of someone misusing these credentials is far higher.

Read Post
datadog

Elevate AWS threat detection with Stratus Red Team

Jan 27, 2022 By Christophe Tafani-Dereeper In Datadog

A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.

Read Post

Enabling compliance for database access

Jan 27, 2022 By Teleport In Teleport
Description: Enterprise databases hold an organization's most sensitive information and need to be protected. Beyond that, organizations must also demonstrate compliance with frameworks like FedRAMP, HIPAA, SOC2, GDPR and more for these databases. Complying with these frameworks without slowing down DBA teams is a challenge. This webinar will demonstrate how to unify access controls for connectivity, authentication, authorization, and audit for popular OSS databases Postgres, MySQL and MongoDB so you can move fast but stay secure.
View Video

How to Keep Your Cloud Infrastructure Secure and Compliant

Jan 27, 2022 By Teleport In Teleport
In a world of hyperscale public clouds, dynamically provisioned environments, distributed teams and remote work, how can you reliably secure access to your infrastructure and satisfy compliance requirements without slowing down your development teams? Gus Luxton discusses the essential elements of secure infrastructure access and how you can implement best practices in your environment. Speaker: Gus Luxton.
View Video
chaossearch

Talent Shortage 2022: Stretching Your Lean DevSecOps Team

Jan 27, 2022 By George Hamilton In ChaosSearch
The cybersecurity talent shortage is real. As of December 2021, a job-tracking database from the U.S. Commerce Department showed nearly 600,000 unfilled cybersecurity positions. And a 2021 study found that 57% of cybersecurity professionals worked at organizations that have been directly impacted by the cybersecurity talent shortage. Even so, many organizations want to “shift security left” or build security best practices earlier into the software development lifecycle (SDLC).
Read Post
mend

CVE-2021-4034: A Walkthrough of Pwnkit - the Latest Linux Privileges Escalation Vulnerability

Jan 27, 2022 By Hagai Wechsler In Mend

Since 2009, more than 12 years ago, all major Linux distributions have been incorporating a high severity security hole that remained unnoticed until just recently. The vulnerability and exploit, dubbed “PwnKit” (CVE-2021-4034), uses the vulnerable “pkexec” tool, and allows a local user to gain root system privileges on the affected host. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.