BYOVD involves adversaries writing to disk and loading a legitimate, but vulnerable, driver to access the kernel of an operating system. This allows them to evade detection mechanisms and manipulate the system at a deep level, often bypassing protections like EDR. For the exploitation to succeed, attackers must first ensure the driver is brought on the target system. This is followed by the initiation of a privileged process to load the driver, setting the stage for further malicious activities.

This blog was originally published on MSSP Alert on October 16, 2024. MSSPs want to grow—but the complexity of modern security operations (SecOps) and the unique demands of the security services market make this challenging. In this post, we’ll look at how tools with public cloud or public cloud-like pricing—pricing that is usage- or consumption-based rather than fixed fee or license-based—can help MSSPs grow more effectively and efficiently.

At Teleport we love modern infrastructure and open-source software, but don't like static credentials and passwords. This created a challenge for us when deploying Temporal, an open-source workflow automation software on EKS: Temporal always requires a password to authenticate to the backend RDS database. To solve this problem, we turned to Teleport Machine & Workload Identity.

Product Name: Dynamic Dashboard Vulnerability: Stored XSS Vulnerable Version: >= 3.0.0, < 3.0.1 CVE: CVE-2024-47817 On October 5, 2024, the security researchers from Astra discovered a severe Stored Cross-Site Scripting vulnerability in Dynamic Dashboard’s paragraph widget. The widget, used for text and markdown, has inadequate input sanitization allowing attackers to inject malicious code.

We’re excited to share some big news: 1Password is officially joining the Rails Foundation!

Implement AI-driven security analytics faster on Elastic Cloud Serverless, the easiest way to harness the innovations of Elastic Security Elastic Security on Elastic Cloud Serverless is now generally available. You can launch a deployment in minutes — no prior experience required. Serverless projects are fully managed, minimizing total cost of ownership (TCO) and providing immediate access to the powerful features of the Elastic Search AI Platform and Elastic Security.

Identity is the new battleground in today’s rapidly evolving cyber threat landscape. Microsoft Active Directory (AD), a cornerstone of enterprise identity management, is a frequent target for attackers. For organizations, protecting these critical environments without adding complexity is essential. Many organizations struggle to get full visibility into changes made within Active Directory.

Mobile app security testing tools are like a unified command center for enterprise organizations. They automate the detection of potential threats, standardize testing protocols across agencies, help prioritize risks, and enable rapid response to the most critical threats. If your organization has several mobile applications developed by multiple third-party vendors, fragmented security oversight and inconsistencies in app development must be commonly observed.

Your organization shouldn’t delay getting a password manager because using a password manager provides visibility into employee password habits, strengthens secure password practices, protects employees from spoofed websites and minimizes the risk of data breaches. A password manager is a solution that helps your employees store, manage and share their login credentials, passkeys, important documents and more.