Rich Mirch currently serves as the Principal Security Consultant for Offensive Security at Stratascale. With a robust career spanning over 19 years in the IT industry, Rich has dedicated the past eight years to mastering offensive security, making significant contributions to the cybersecurity landscape.
In his role, Rich is an integral part of the Cybersecurity Research Unit, where he leads efforts in penetration testing and offensive security development. His work is pivotal in helping organizations identify vulnerabilities and strengthen their security posture against potential threats.
Rich's expertise is underscored by his industry certifications, including the Offensive Security Certified Professional (OSCP) and Offensive Security Wireless Professional (OSWP), which highlight his proficiency and commitment to advancing security practices.
Stratascale's Cybersecurity Research Unit (CRU) uncovered a local privilege escalation vulnerability in Sudo (CVE-2025-32462). By exploiting the host option, attackers can gain root access on affected Linux systems. A patch is available, review your systems to stay secure.
Stratascale’s Cybersecurity Research Unit (CRU) has identified a critical local privilege escalation vulnerability in Sudo (CVE-2025-32463). This flaw, tied to the chroot feature, allows any local unprivileged user to gain root access even without specific Sudo rules. Affected systems should be reviewed immediately to ensure a patched version is installed.
Stratascale’s Cybersecurity Research Unit (CRU) discovered an information disclosure vulnerability in Ubuntu’s Apport crash reporting system (CVE-2025-5467). Improper file permissions allowed users in the same group to access sensitive crash data. Ubuntu has released a fix, update now to stay secure.
Stratascale's Cybersecurity Research Unit (CRU) discovered a local privilege escalation flaw in Microsoft Defender for Endpoint on Linux (CVE-2025-47161). The Osquery component allowed unprivileged users to gain root access. Microsoft has issued a patch—learn more to stay protected.
Stratascale's Cybersecurity Research Unit (CRU) recently discovered an elevation of privilege vulnerability in Microsoft Defender for Endpoint on Linux and disclosed the vulnerability to the Microsoft Security Response Center (MSRC) who assigned it CVE-2025-26684 and released a fix.