Privilege Escalation
Critical SLUBStick Exploitation Technique Threatens Linux Security
A new and highly-effective cross-cache attack named SLUBStick has emerged, targeting the Linux kernel with a remarkable 99% success rate in transforming a limited heap vulnerability into an arbitrary memory read-and-write capability ...
Google Vulnerability: ConfusedFunctions Leads To Data Access
Cybersecurity researchers, as of recent, have discovered a Google vulnerability impacting the Cloud Functions service. The Google vulnerability being categorized as one pertaining to privilege escalation, has been named ConfusedFunctions. In this ...
Hunting CVE-2024-30051
Hunting CVE-2024-30051 Desktop Window Manager Privilege EscalationOverviewCVE-2024-30051 is an out of bound write that has been identified in Desktop Window Manager that can be exploited to achieve privilege escalation to SYSTEM. The ...
5M WordPress Websites At Risk Amid LiteSpeed Plugin Flaw
A highly sensitive flaw has been identified in the LiteSpeed plugin of WordPress, which has put as many as 5 million websites at risk. Uncovered by the cybersecurity experts at Patchstack, the ...
Lazarus Hacker Group Actively Exploiting Windows Kernel Flaw
The cybersecurity world is abuzz with the revelation of Lazarus Group’s exploitation of a critical vulnerability in Windows Kernel. The Windows Kernel flaw, targeting CVE-2024-21338, has raised concerns due to its potential ...
ADCS ESC13 Abuse Technique
It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID group link to a given AD group. This configuration makes AD treat ...
Why Organizations Should Care About Privilege Escalation
Privilege escalation is a formidable and hidden threat to organizational security Oftentimes, when speaking with network engineers or other security professionals, I hear several of the same concerns and pain points continue ...
Alert: New DLL Variant Used For Malicious Code Execution
Recent research findings have brought to light a new DLL variant pertaining to search order hijacking techniques. As per recent reports, this dynamic link library variant could potentially be used by threat ...
Google Cloud Patched Privilege Escalation Vulnerability
Recently, Google Cloud addressed a medium-severity security vulnerability that could potentially be exploited by attackers with access to a Kubernetes cluster. This flaw, discovered and reported by Palo Alto Networks Unit 42, ...
Intel Reptar Flaw Patch For CPU Vulnerability Released
Intel recently released multiple fixes for a high-severity vulnerability dubbed Reptar. The CVE-2023-23583 has a CVSS score of 8.8 and, when exploited, has the potential for privilege escalation, information disclosure, and a ...
