Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
Security company Qualys has uncovered a truly dangerous memory corruption vulnerability in polkit’s pkexec, CVE-2021-4034, dubbed “PwnKit”. Polkit, formerly known as PolicyKit, is a systemd SUID-root program. It’s installed by default in every major Linux distribution, which means that tens of millions of devices are vulnerable to this easily-exploitable bug. What makes this flaw even… Read more »
The use of Multi-Factor Authentication (MFA) has greatly increased in recent years, and it’s easy to see why. In October 2019, Microsoft stated, “Based on our studies, your account is more than 99.9% less likely to be compromised if you use MFA.” While the veracity and context of that statistic should probably be taken with… Read more »
