Dark Reading

Google 'ImageRunner' Bug Enabled Privilege Escalation

A GCP Cloud Run known as "ImageRunner" would have enabled privilege escalation for threat actors who obtained low-level credentials had Google not addressed the vulnerability in January. Tenable on ...
TechRepublic

New Splunk Windows Flaw Enables Privilege Escalation Attacks

Splunk for Windows has a high-severity flaw that lets local users escalate privileges through misconfigured file permissions. Learn how to fix it. Image generated by Google’s Nano Banana A newly ...
CIO

How BeyondTrust detects privilege escalation and dark web threats

In this episode of DEMO, host Keith Shaw sits down with Morey Haber, Chief Security Advisor at BeyondTrust, to explore a powerful new platform: Identity Security Insights. As cyberattacks increasingly ...
Infosecurity-magazine.com

JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

A critical security vulnerability affecting the JumpCloud Remote Assist for Windows agent has been identified, exposing managed endpoints to local privilege escalation and denial-of-service (DoS) ...
Dark Reading

Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking

BLACK HAT USA – Las Vegas – Thursday, Aug. 7 — A privilege escalation issue in Amazon's Elastic Container Service (ECS) could be used by an attacker to steal credentials and access other cloud ...
CSOonline

Microsoft Entra’s billing roles pose privilege escalation risks in Azure

Guest users with certain billing roles can create and own subscriptions, potentially gaining persistence and privilege escalation within an organization’s Azure environment. Threat actors can abuse ...