Decade-old bug in Linux world's sudo can be abused by any logged-in user to gain root privileges
https://www.theregister.com/2021/01/26/qualys_sudo_bug/

Lilbits: A new Linux-based tablet OS, and the latest Bond villain is… product placement?
https://liliputing.com/2021/01/lilbits-a-new-linux-based-tablet-os-and-the-latest-bond-villain-is-product-placement.html

Ubuntu 21.04 Will Use Wayland By Default - OMG! Ubuntu!
https://www.omgubuntu.co.uk/2021/01/ubuntu-21-04-will-use-wayland-by-default

Nitrux 1.3.7 Linux Distro Released With Patch For Sudo Vulnerability
--> kutt.it/J12qPz

Many WordPress Sites Affected by Vulnerabilities in 'Popup Builder' Plugin
http://feedproxy.google.com/~r/Securityweek/~3/IG0LAHgIPu0/many-wordpress-sites-affected-vulnerabilities-popup-builder-plugin

Multiple vulnerabilities patched recently in the popular WordPress plugin Popup Builder could be exploited to perform various malicious actions on affected websites.
read more (https://www.securityweek.com/many-wordpress-sites-affected-vulnerabilities-popup-builder-plugin)

TPG Capital Acquires Majority Stake in PAM Solutions Provider Centrify
http://feedproxy.google.com/~r/Securityweek/~3/FLr-za4qMLE/tpg-capital-acquires-majority-stake-pam-solutions-provider-centrify

Private equity firm TPG Capital on Thursday announced that it has agreed to acquire a majority stake in privileged access management (PAM) solutions provider Centrify.
Founded in 2004, Santa Clara, Calif.-based Centrify provides a platform designed to enforce least privilege access at scale, across enterprise networks.
read more (https://www.securityweek.com/tpg-capital-acquires-majority-stake-pam-solutions-provider-centrify)

Elusive Lebanese Threat Actor Compromised Hundreds of Servers
http://feedproxy.google.com/~r/Securityweek/~3/of5cA3gNT9w/elusive-lebanese-threat-actor-compromised-hundreds-servers

A threat actor believed to be tied to the Lebanese government has compromised hundreds of servers pertaining to organizations worldwide, while maintaining a low profile, threat intelligence firm ClearSky reveals.
read more (https://www.securityweek.com/elusive-lebanese-threat-actor-compromised-hundreds-servers)

Tanium Announces $150 Million Funding Investment From Ontario Teachers'
http://feedproxy.google.com/~r/Securityweek/~3/vwhxnb_oGyg/tanium-announces-150-million-funding-investment-ontario-teachers

Endpoint management and security solutions provider Tanium this week announced the sale of $150 million in common stock to Ontario Teachers’ Pension Plan Board.
Ontario Teachers’ made the funding investment through its Teachers’ Innovation Platform (TIP), which is involved in late-stage venture and growth equity investments in validated technologies.
read more (https://www.securityweek.com/tanium-announces-150-million-funding-investment-ontario-teachers)

Unemployment Fraud - Preying on Those Most in Need
http://feedproxy.google.com/~r/Securityweek/~3/GKsfqBNT_X8/unemployment-fraud-preying-those-most-need

The Covid-19 pandemic has been raging for nearly a year now.  With the pandemic has come a tremendous amount of uncertainty.  Many of us wonder when we will be able to return to normal life, when we will be able to see family and friends, and when we might resume those everyday activities we used to take for granted.
read more (https://www.securityweek.com/unemployment-fraud-preying-those-most-need)

SolarWinds attack repercussions: Managing your security risk
http://techgenix.com/solarwinds-attack-repercussions/

The ramifications from the massive SolarWinds attack are still being felt. Companies have gone beyond “How did this happen” to “Can it happen to us?”
The post SolarWinds attack repercussions: Managing your security risk (http://techgenix.com/solarwinds-attack-repercussions/) appeared first on TechGenix (http://techgenix.com/).

FBI Encounters: Reporting an Insider Security Incident to the Feds
https://www.darkreading.com/edge/theedge/fbi-encounters-reporting-an-insider-security-incident-to-the-feds-/b/d-id/1340016?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Most insider incidents don't get reported to the FBI due to fear of debilitating business disruptions, public embarrassment, and screeching vans skidding into the parking lot to confiscate servers. But is that reality?

In the age of technology, it is almost impossible to keep your privacy contained. With every year passing, more people start using mobile or web apps for a variety of purposes. These apps usually request access to personal information, payment information, other social media accounts, and even contact lists. While some apps may be reliable […]
The post What You Should Know About Mobile Or Web App Security and How To Achieve It (https://gbhackers.com/what-you-should-know-about-mobile-or-web-app-security-and-how-to-achieve-it/) appeared first on GBHackers On Security (https://gbhackers.com/).

Exabeam and Snowflake partner on cybersecurity analytics  SecurityBrief Australia
https://securitybrief.com.au/story/exabeam-and-snowflake-partner-on-cybersecurity-analytics

Deloitte buys Colorado-based cybersecurity firm R9B  Consulting.us
https://www.consulting.us/news/5431/deloitte-buys-colorado-based-cybersecurity-firm-r9b

After SolarWinds: Untangling America’s cybersecurity mess  Fortune
https://fortune.com/longform/solarwinds-hack-cybersecurity-us-companies-hacked-fireeye/