Stratascale's Cybersecurity Research Unit (CRU) uncovered a local privilege escalation vulnerability in Sudo (CVE-2025-32462). By exploiting the host option, attackers can gain root access on affected Linux systems. A patch is available, review your systems to stay secure.
Stratascale’s Cybersecurity Research Unit (CRU) has identified a critical local privilege escalation vulnerability in Sudo (CVE-2025-32463). This flaw, tied to the chroot feature, allows any local unprivileged user to gain root access even without specific Sudo rules. Affected systems should be reviewed immediately to ensure a patched version is installed.
Traditional security tools and annual pentests can’t keep up. Continuous Threat Exposure Management (CTEM) delivers real-time visibility and risk-based prioritization to outpace attackers. Learn how CTEM turns reactive security into proactive protection.
Stratascale’s Cybersecurity Research Unit (CRU) discovered an information disclosure vulnerability in Ubuntu’s Apport crash reporting system (CVE-2025-5467). Improper file permissions allowed users in the same group to access sensitive crash data. Ubuntu has released a fix, update now to stay secure.
The final blog in our three-part series on continuous cloud security offers actionable ways to shift cloud security to the left to increase collaboration between security and DevOps teams, identify misconfigurations sooner, and minimize risk.
Stratascale's Cybersecurity Research Unit (CRU) discovered a local privilege escalation flaw in Microsoft Defender for Endpoint on Linux (CVE-2025-47161). The Osquery component allowed unprivileged users to gain root access. Microsoft has issued a patch—learn more to stay protected.
Stratascale's Cybersecurity Research Unit (CRU) recently discovered an elevation of privilege vulnerability in Microsoft Defender for Endpoint on Linux and disclosed the vulnerability to the Microsoft Security Response Center (MSRC) who assigned it CVE-2025-26684 and released a fix.
Read part two of our three-part series dedicated to helping you achieve continuous cloud security. In this article, we dive into Phase Two of the process, known as "Getting to Green."
Discover how the Kipling Method can help you elevate Zero Trust efforts by giving you a comprehensive view of access requests, strengthening your organization's security posture.
As cyber threats evolve, robust cloud security is essential for protecting your business. However, creating a continuous cloud security program can be complex. Our team simplifies this process into three phases to enhance your program's maturity. Explore part one of this three-part series now.
Learn how applying the KISS principle—Keep It Simple, Straightforward—to Zero Trust implementation can streamline processes, secure critical assets, and strengthen your organization's security posture.
Delve into this guide for actionable ways to equip your security team with the necessary knowledge and tools to turn cybersecurity into a strategic advantage and position your organization for lasting success.
Discover how comprehensive risk assessments, supply chain security evaluations, robust third-party risk management, and incident response planning can transform your supply chain into a resilient, secure component of your business strategy.
AI-enabled cyber threats are reshaping cybersecurity by enhancing phishing, enabling deepfakes, and automating malware, leading to more sophisticated and scalable attacks. Find out how you can fortify your defenses against these emerging threats with practical tactics.
The cybersecurity battlefield demands more than outdated defenses. Static "point-in-time" penetration testing isn't enough to combat today's sophisticated threats—it's like bringing a knife to a gunfight. Find out how continuous penetration testing (CPT) offers a proactive approach.