The Cmd Blog
A blog about security and protections
in Linux, DevOps, and the Cloud
Jan 29 2021 · 3 min read
Cmd Advisory: (Baron Samedit) Sudo Exploit CVE-2021-3156
By: Shashank Kittane Suryanarayana and Jake King
Sudo bug delivers an easy to exploit privilege escalation vulnerability for any system user. In July of 2011, a privilege escalation vulnerability was added to the Linux sudo program (Versions Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2) and lay dormant until researchers at Qualys identified it and published their…
Oct 22 2020 · 10 min read
2020 Shook Up Secure Remote Access and Monitoring… Here’s What You Can Do About It
By: Jennifer Ellard
Jake King and CTO Mike Sample discuss the latest release from HashiCorp, how Cmd and Boundary work together and reflect on the sophistication of Drovorub.
Oct 16 2020 · 4 min read
Making BPF easy with libbpf and Zig
By: Jake King
Heads up, this is a fairly detailed deep dive into some of what libbpf does and knowledge on BPF is required. Luckily I have you covered 🙂
Latest Tweets
';
Whoa! 😮 Just 33% reported having a dedicated security team responsible for #digitaltransformation Read more: https://buff.ly/3luLodz
#linux #linuxsecurity #cloudsecurity
In part one of this blog series, we shared three common #cloud incident response mistakes we’ve seen in the wild. In Part 2, we’ll share two more common problems we’ve found along the way. https://buff.ly/3jhWYWq
#LINUXtips #linuxsecurity #cybersecurity
How is a #travel and #hospitality company leveraging talent more efficiently with @cmd_security? Read how we saved the equivalent of 1.5 full-time security team members and $225,000 in headcount annual savings. https://buff.ly/3zMPLEI
#linux #linuxsecurity #cybersecurity
Subscribe
The latest in Linux defense, delivered to your inbox. Subscribe to know more about upcoming data
You May Also Like
Foundational Elements of Cloud Incidence and Response in 2021Â
Infrastructure Detection and Response (IDR) remains one of the more interesting topics I am asked to cover at Cmd, often in the context of modern cloud workloads and environments. Recently, I had the privilege of speaking at the ISACA North America conference, and covered a few of these topics in a little detail, you can…
5 Common Cloud Incident Response Mistakes, Part 2
At Cmd, we spend a lot of time in cloud environments, specifically Linux environments. When you are migrating applications to the cloud or transforming your digital footprint, it’s best to learn from those who have made mistakes and set yourself up for success with a solid plan. We’ve taken a deeper dive into some of…
5 Common Cloud Incident Response Mistakes, Part 1
At Cmd, we spend a lot of time in cloud environments, specifically Linux environments. When you are migrating applications to the cloud or transforming your digital footprint, it’s best to learn from those who have made mistakes and set yourself up for success with a solid plan. We’ve taken a deeper dive into some of…
The Curious Incident of the -EINVAL in the libbpf
“Is there any point to which you would wish to draw my attention?” “To the curious incident of the libbpf in the night-time.” “The libbpf returned -EINVAL in the night-time.” “That was the curious incident,” remarked Sherlock Holmes. At Cmd, the type of work we do often involves diagnosing a number of rather strange bugs…
Asymmetric relationships contribute to Cybersecurity failures
This blog series is written for security professionals whose security posture is moderate to high. Even those companies who have the basics in security covered can run into security challenges between digital transformation, cloud, or Linux environments. In this blog series, we’ll address a few we see from our customers and prospects. The first installment…
Cloud Security from Cmd is live on the Amazon Web Services Marketplace
It’s important to have your cloud-based security platform available to cloud architects and professionals. Cmd recently made part of it’s solution available to Amazon Web Services (AWS) customers. From the AWS marketplace, cloud gurus can select a trial of Cmd or one of our for-purchase Cmd products. Cloud Security, especially detection, is difficult for…
Activate Today
Gain best-in-class Linux observability in minutes... for free_
Cmd provides the fastest, easiest way to know what’s happening in your Linux environment, who’s logging in, what they are doing, processes they initiate and sensitive assets they access.
Activate Your Free Account arrow_forward
