Privilege Escalation
Cloud Security: Maintaining Least Privilege
Reading Time: 8 minutes There are four main identity risks that determine the necessity of least privilege. These include the separation of duty, dormant identities, privilege escalation, and toxic combinations ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
Zoom Exploit on MacOS
This vulnerability was reported to Zoom last December: The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or ...
Elevating Privileges with Authentication Coercion Using DFSCoerce
Background In our previous blog post, we talked about the recently-published DFSCoerce utility which is useful for forcing NTLM or Kerberos authentication by interacting with the Distributed File Service (DFS) over Remote ...
Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS
Overview In AWS, sts:AssumeRole is an action within AWS’s Security Token Service that allows existing IAM principals to access AWS resources to which they may not already have access. For example, Role ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 25, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
Record High Ransomware Payouts in 2021 as Extortion Evolves
Flush with cash from successful ransomware campaigns, cybercriminals are investing in more sophisticated technology and using new tactics to drive up ransomware payments even further, with the Conti ransomware group responsible for ...
DEF CON 29 Adversary Village – Carlos Polop’s ‘New Generation Of PEAS’
Our thanks to DEFCON for publishing their outstanding DEFCON 29 Adversary Village videos on the Conferences’ YouTube channel. Permalink ...
Azurescape Vulnerability: More Evidence that Microsoft Should Leave Security to the Experts
It’s been a busy couple weeks for Microsoft—and not in a good way. Following the news that a configuration error left Azure cloud customer data exposed to potential compromise, and a security ...
This Mouse Gives you Admin on Windows
Razer gaming mice come with a classic elevation of privilege bug. And one that’s incredibly simple to exploit: Just plug in a mouse ...