With the overwhelming majority of the world’s servers running on Linux, it’s no wonder the number of vulnerabilities identified, as well as the number of attacks specifically on Linux systems has grown in the last year. Like any good “industry”, the world of cybercrime grows each day with new players looking to identify a piece of the market they can corner because of their experience and expertise.
And Linux is no exception; in fact, it’s one of the fastest-growing areas of interest to hackers looking for a foothold within an organization, a valuable data set, or both.
This year alone, Linux vulnerabilities enabling privilege escalation have been aplenty, with many found within the Linux kernel itself, making Linux a very promising target for cybercriminals.
In this real training for free session, 4-time Microsoft MVP, Nick Cavalancia, takes my seat as he first discusses the state of attacks on Linux, the multitude of privilege escalation CVEs this year, and the now-abundance of Linux hacking tools to wet the appetite.
Then you’ll hear from Joe Carson, Delinea’s Chief Security Scientist & Advisory CISO who will provide an overview of the ubiquity of privilege escalation pitfalls in a Linux environment while covering key topics of vertical and horizontal escalation and the most common attack techniques.
Joe will discuss and show a number of methods used to escalate privileges including:
- Kernel Exploits
- Programs or services running as root
- Scripts running as a root user
- Installed software
- Weak/reused/plaintext passwords
- SUID and SGID misconfigurations
- Abusing sudo-rights
He’ll also demonstrate the Linux Enumeration Script (LinEnum) as well as the Linux Privilege Escalation Awesome Script (LinPEAS).
This Real Training for Free session will be chock full of practical technical detail! Register now!