Home improvement retailers like Home Depot and Lowes are interesting places. Inside a typical store, one can find everyone from a guy looking to replace a leaky pipe, a couple shopping for new appliances, or a large contractor picking up hundreds of pieces of sheetrock for a major project. Trustwave's Security Colony is the cybersecurity version of a home improvement store. Security Colony is essentially a self-help site.
Alert overload is practically a given for security teams today. Analysts are inundated with new detections and events to triage, all spread across a growing set of disparate, disconnected security tools. In fact, they’ve burgeoned to such an extent that the average enterprise now has 45 cybersecurity-related tools deployed across its environment.
There has been a lot of talk about cyber weapons and the cyber dimension of global politics after the NotPetya and WannaCry attacks of 2017 and the Stuxnet worm, first discovered in 2010, when it was used to attack the control mechanisms of Iran’s uranium enriching centrifuges.
Organizations have moved business-critical apps to the cloud and attackers have followed. 2020 was a tipping point; the first year where we saw more cloud asset breaches and incidents than on-premises ones. We know bad actors are out there; if you’re operating in the cloud, how are you detecting threats? Cloud is different. Services are no longer confined in a single place with one way in or one way out.
Right on the heels of CVE-2022-4092, another local privilege escalation flaw in the Linux Kernel was disclosed on Monday, nicknamed “Dirty Pipe” by the discoverer. MITRE has designated this as CVE-2022-0847. Similar to the “Dirty COW” exploit (CVE-2016-5195), this flaw abuses how the Kernel manages pages in pipes and impacts the latest versions of Linux.
A few days ago, security researcher Max Kellermann published a vulnerability named DirtyPipe which was designated as CVE-2022-0847. This vulnerability affects the Linux kernel and if exploited, can allow a local attacker to gain root privileges. The vulnerability gained extensive media follow-up, since it affects all Linux-based systems with a 5.8 or later kernel, without any particular exploitation prerequisites.
/Over the past several years, cyberattacks have become increasingly more prevalent. As such, understanding cybersecurity has become increasingly important. Digital marketing has now become an entire industry, and as a result, there are more opportunities than before for malicious actors to carry out attacks. Marketers are now equally as vulnerable to cyber-attacks as other online professions. Therefore, marketers need to be aware of these areas where threats continue to emerge.
The Russian invasion of Ukraine has triggered an escalation in the number of state-sponsored actors targeting critical infrastructure with DDoS attacks. Criminal syndicates and smaller players are also exploiting the crisis. From fake fundraising efforts for Ukraine to account takeovers and high-velocity bot-driven attacks such as DDoS, BIN attacks, and terminal attacks, cybercriminals are stepping up their own attacks in an effort to benefit from the turmoil.
