Stranger Danger Live Hacking Session CNAS
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
How to detect sudo's CVE-2021-3156 using Falco
A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility built in almost all Unix-like based OSes. This includes Linux distributions, like Ubuntu 20 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). This popular tool allows users to run commands with other user privileges.
More Security Tools Doesn't Always Mean More Security. It Might Even Mean Less.
Even before the pandemic, many companies were undergoing significant transformation as they transitioned to cloud or hybrid architectures and grappled with problems caused by tool sprawl due to the quick adoption of many disparate tools. For some, COVID-19 and the rush to remote work fueled and exacerbated these challenges.
Create and Run an Unauthenticated Dynamic Analysis
In this video, you will learn how to create, configure, and schedule an unauthenticated Dynamic Analysis. An unauthenticated Dynamic Analysis scan is appropriate when the site you are scanning does not require a login. Veracode Dynamic Analysis also supports the scanning of websites that require authentication, such as such as login via a webform, browser based, or NTLM.
Emotet botnet takedown - what you need to know
What’s happened? Law enforcement agencies across the globe say that they have dealt a blow against Emotet, described by Interpol as “the world’s most dangerous malware”, by taking control of its infrastructure. Police have dubbed their action against Emotet “Operation LadyBird.”
The Economics of Data Loss Prevention
In 2017, The Economist announced that the world’s most valuable resource is no longer oil – it’s data. Since the phrase “big data” was coined in the 1990s, data has become increasingly important to virtually every aspect of running a business – not to mention how we conduct our daily lives. It’s no surprise that some of the most valuable companies are also those that capture the most user data. Take Facebook, for instance.
Detecting the Sudo Baron Samedit Vulnerability and Attack
On January 26th, 2021, Qualys reported that many versions of SUDO (1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1) are vulnerable (CVE-2021-3156) to a buffer overflow attack dubbed Baron Samedit that can result in privilege escalations. Qualys was able to use this vulnerability to gain root on at least Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2), some of the most modern and widely used Linux operating systems.
Coralogix - On-Demand Webinar: Outsmart the Hackers
Tips for Securing Your System Against Intruders When tackling modern security challenges, patching strategies and basic vulnerability scans are not enough. We need to change our mindset, get ahead of our vulnerabilities, and look at our company and our system through the eyes of a hacker.
Cybersecurity Community Insights - Crimson Webinar
A slight departure from our normal programming this month, to bring you a webinar, hosted by IT consultancy and recruitment firm Crimson, looking at the cybersecurity landscape in 2021. Our main man Ian Thornton-Trump (Cyjax's CISO) gives his pearls of wisdom, alongside two other experts in the field.
TeamTNT delivers malware with new detection evasion tool
AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a new detection evasion tool, copied from open source repositories. The purpose of this blog is to share new technical intelligence and provide detection and analysis options for defenders.