Collaborate Disseminate
Several of the most popular extensible text editors for Unix environments could be misused by attackers to escalate privileges on targeted systems, SafeBreach researchers have found. They tested Sublime, Vim, Emacs, Gedit, Pico and its clone Nano on ma… Continue reading Privilege escalation on Unix machines via plugins for text editors
Protecting privileged accounts and actively responding to any potential compromises has become a critical initiative for many CISOs. Stolen credentials are at the heart of most all modern attacks and breaches. Attackers can easily obtain credentia… Continue reading 6 Tips for Securing Privileged Accounts in the Enterprise
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in Windows user without knowing that user’s password? He or she can perform the action if they have physical access to the target’s machine, but also remotely via Remote Desktop Protocol (RDP). The capability is not exactly secret, as it has been pointed out by a French security … More → Continue reading Hijacking Windows user sessions with built-in command line tools
Avecto has analyzed the security bulletins Microsoft released in the past year, and came to an important conclusion: an overwhelming majority of all the critical Microsoft vulnerabilities discovered and fixed in 2016 can be mitigated by simply removing admin rights across an organization. The numbers and percentages are as follows: 530 vulnerabilities affecting Microsoft products were reported in 2016, and of these 189 were of critical severity. Still, 94 percent of them could be mitigated … More → Continue reading Removing admin rights mitigates most critical Microsoft vulnerabilities
CyberArk announced at RSA Conference 2017 advanced insider threat detection capabilities available through the CyberArk Privileged Account Security Solution, to automatically detect and alert on high-risk privileged activity during user sessions and enable rapid response to in-progress attacks. With this release, CyberArk is delivering a new integration that provides deeper insights into privileged activity across an organization. A new data feed from CyberArk Privileged Session Manager into CyberArk Privileged Threat Analytics, both part of the … More → Continue reading Insider threat solution for rapid response to in-progress attacks