Privilege Escalation
Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert
Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol ...
Agent ID Administrator scope overreach: Service Principal takeover in Entra ID
TL;DR The Microsoft Agent Identity Platform (Preview) gives AI agents their own identities in Entra ID (blueprints, agent identities, agent users) so you can govern and secure them like any other principal. To manage that ...
Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit
What Are Shadow Admins in AD? A common problem we encounter within many customer AD environments are accounts that, at first glance, may appear innocuous, but that actually have hidden administrative privileges ...
Attackers Have Been Exploiting Cisco SD-WAN Zero-Day Flaw Since 2023
Cisco and Five Eyes agencies are alerting organizations to a highly sophisticated attack, where threat actors compromise a Cisco SD-WAN controller via a zero-day flaw, downgrade the device to an earlier software ...
Critical SLUBStick Exploitation Technique Threatens Linux Security
A new and highly-effective cross-cache attack named SLUBStick has emerged, targeting the Linux kernel with a remarkable 99% success rate in transforming a limited heap vulnerability into an arbitrary memory read-and-write capability ...
Google Vulnerability: ConfusedFunctions Leads To Data Access
Cybersecurity researchers, as of recent, have discovered a Google vulnerability impacting the Cloud Functions service. The Google vulnerability being categorized as one pertaining to privilege escalation, has been named ConfusedFunctions. In this ...
Hunting CVE-2024-30051
Hunting CVE-2024-30051 Desktop Window Manager Privilege EscalationOverviewCVE-2024-30051 is an out of bound write that has been identified in Desktop Window Manager that can be exploited to achieve privilege escalation to SYSTEM. The ...
5M WordPress Websites At Risk Amid LiteSpeed Plugin Flaw
A highly sensitive flaw has been identified in the LiteSpeed plugin of WordPress, which has put as many as 5 million websites at risk. Uncovered by the cybersecurity experts at Patchstack, the ...
Lazarus Hacker Group Actively Exploiting Windows Kernel Flaw
The cybersecurity world is abuzz with the revelation of Lazarus Group’s exploitation of a critical vulnerability in Windows Kernel. The Windows Kernel flaw, targeting CVE-2024-21338, has raised concerns due to its potential ...
ADCS ESC13 Abuse Technique
It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID group link to a given AD group. This configuration makes AD treat ...
