Pentest 101: SQL Injection | What is SQLi? | How to Avoid It?

Jan 27, 2022 By Astra In Astra
SQL injection is listed in both OWASP top 10 vulnerabilities and top 25 vulnerabilities by SANS. An attacker can hijack your database, delete critical information, or create a persistent backdoor by exploiting an SQL injection. 😰 You need penetration testing to detect and fix this critical vulnerability. Astra Security presents a crisp exploration of SQL injections - how they occur, how they affect a user, different categories of SQLi vulnerabilities, and the way in which you can avoid them.
View Video
mend

CVE-2021-4034: A Walkthrough of Pwnkit - the Latest Linux Privileges Escalation Vulnerability

Jan 27, 2022 By Hagai Wechsler In Mend

Since 2009, more than 12 years ago, all major Linux distributions have been incorporating a high severity security hole that remained unnoticed until just recently. The vulnerability and exploit, dubbed “PwnKit” (CVE-2021-4034), uses the vulnerable “pkexec” tool, and allows a local user to gain root system privileges on the affected host. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems.

Read Post

How to Keep Your Cloud Infrastructure Secure and Compliant

Jan 27, 2022 By Teleport In Teleport
In a world of hyperscale public clouds, dynamically provisioned environments, distributed teams and remote work, how can you reliably secure access to your infrastructure and satisfy compliance requirements without slowing down your development teams? Gus Luxton discusses the essential elements of secure infrastructure access and how you can implement best practices in your environment. Speaker: Gus Luxton.
View Video

CMMC Town Hall With Tom Tollerton, Dixon Hughes Goodman LLP | 1/26/22 | NeoSystems

Jan 27, 2022 By NeoSystems In NeoSystems
NeoSystems CMMC Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly CMMC Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, how to prepare for CMMC certification, and the latest updates from the CMMC AB.
View Video
netwrix

How to Perform HIPAA Risk Assessment

Jan 27, 2022 By Dirk Schrader In Netwrix

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires healthcare entities to implement policies and procedures to safeguard the privacy and security of the protected health information (PHI) of patients. One core requirement is to perform risk assessments. This article explains what a risk assessment is according to HIPAA and offers guidance about the steps involved.

Read Post
CrowdStrike

New Docker Cryptojacking Attempts Detected Over 2021 End-of-Year Holidays

Jan 27, 2022 By Manoj Ahuje In CrowdStrike

Cryptocurrency mining has become very popular among malicious actors that aim to profit by exploiting cloud attack surfaces. Exposed Docker APIs have become a common target for cryptominers to mine various cryptocurrencies. According to the Google Threat Horizon report published Nov. 29, 2021, 86% of compromised Google Cloud instances were used to perform cryptocurrency mining.

Read Post
snyk

Tame the snake: Snyk shines a spotlight on Python security

Jan 26, 2022 By Snyk In Snyk
Today, 43% of all data breaches are directly linked to vulnerabilities found in applications. With the programming language Python reaching ever greater popularity in the developer space, Snyk has taken an in-depth look at security issues relating to the language and found that, "while 81% of the most popular Python packages are in a healthy state," roughly 20% of the security weaknesses identified by Snyk Code are related to Python projects.
Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.