Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Featured Post
securitysenses

Experts offer advice for Data Protection and Privacy Day 2022

Jan 28, 2022 By SecuritySenses In SecuritySenses
Data Protection Day as it's marked across Europe, or Data Privacy Day, internationally, is an annual marker in a very challenging cybersecurity challenging calendar. Consumer data is regularly stolen, and enterprises and public sector organisations are often in the headlines because of incessant attacks from cybercriminals as well as from accidental privacy misadventures.
Read Post
manageengine

Five worthy reads: Into the metaverse

Jan 28, 2022 By ManageEngine In ManageEngine

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we will explore the concept of the metaverse and what it holds for the future of technology and user experience. Illustration by Dorathe Victor When Facebook changed its name to Meta in September 2021, a new buzzword took over the tech world: the metaverse.

Read Post
datadog

The PwnKit vulnerability: Overview, detection, and remediation

Jan 28, 2022 By Zack Allen In Datadog

On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. The same day of the announcement, a proof of concept (PoC) exploit was built and published by the security research community.

Read Post
alienvault

M&A Trending In Cybersecurity Industry Vertical For 2022

Jan 28, 2022 By Chuck Brooks In AT&T Cybersecurity

Nowadays you need a scorecard to keep track of the monthly acquisitions and mergers in the cybersecurity industry. Mergers and acquisition (M&A) of products, capabilities, and companies has become a common strategy for business and market growth. Even through the Covid19 pandemic, trends in acquisition and consolidation of information security oriented companies remained quite strong. In fact, the volume of U.S.

Read Post
CrowdStrike

Lessons Learned From Successive Use of Offensive Cyber Operations Against Ukraine and What May Be Next

Jan 28, 2022 By CrowdStrike Intelligence Team In CrowdStrike

Disruptive and destructive cyber operations have been levied against elements of Ukrainian society by adversaries attributed to the Russian government — or groups highly likely to be controlled by them — since at least 2014. These operations have impacted several sectors, including energy, transportation and state finance, and have attempted to influence political processes and affect businesses more broadly within the country.

Read Post
sysdig

Detecting and mitigating CVE-2021-4034: "Pwnkit" local privilege escalation

Jan 28, 2022 By Jason Avery In Sysdig

A new advisory from Qualys discloses a local privilege escalation bug in SUID-set program ‘pkexec’. The flaw has been designated the CVE ID of CVE-2021-4034 and nicknamed “pwnkit” by the vulnerability finders. The CVSSv3 base score is calculated to be a high 7.8 out of 10.0. The vulnerable program is a part of Polkit, which manages process privileges.

Read Post
Trustwave

How Data Privacy Has Evolved in the Age of the Breach

Jan 28, 2022 By Luke Kenny In Trustwave

As Data Privacy Day once again rolls around, we can look back at some healthy improvements when it comes to privacy that organizations made over the previous 12 months. We can also use this yearly reminder on such an important topic to look forward to the coming year to pinpoint where additional changes are needed.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.