Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks.
Cloud security firm Wiz, in aΒ reportΒ shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users.
"The impacted Ubuntu versions are prevalent in the cloud as they serve as the default
As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development.Β
Placing security at the very end of the
A new fileless attack dubbedΒ PyLooseΒ has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal.
"The attack consists of Python code that loads an XMRig Miner directly into memory usingΒ memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar GiladΒ said. "This is the first publicly
Login
FreshRSS