Upcoming Webinars

WEBINAR - Gaining Root Access: Exploiting Linux Using a New Heap Overflow Vulnerability

March 2, 2021
12:00 PM EST

Register Now for this Webinar

Abstract:

Organizations operating using a heterogeneous environment realize the value of using Linux systems to provide specific services critical to the business. These systems are just as much under attack as their Windows counterparts, making it equally as important to understand how they are being compromised, as well as ensuring they receive security updates.

In the last year, we’ve seen attacks on Linux systems grow in number, with the latest in 2021, dubbed ‘Baron Samedit’, allows attackers to leverage several vulnerable versions of the admin command Sudo to elevate themselves from a normal user to one with root access to the Linux system.

In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia takes my seat in this webcast, and will cover:

  • Just how problematic are attacks on Linux
  • Some of the tactics and techniques used by attackers when Linux is the target
  • Mapping these attacks to the MITRE Framework

Nick will be joined by Kev Breen, Director Cyber Threat Research at Immersive Labs who will discuss the new Baron Samedit heap overflow vulnerability in Linux discovered by Qualsys in January of this year. Kev will take a look at this attack from two perspectives:

  • Running the exploit, including uploading, compiling, and executing the exploit to gain access
  • Planning a defense that includes shipping audit logs, identifying the compromise, and responding to the attack

Kev will also provide a simulated attack that will test your decision-making skills to quickly and accurately respond using an attack scenario that mimics this kind of attack.

This real training for free event will be jam packed with technical detail and real-world application. Register today!

Register Now for this Webinar

Looking for a past event?

Visit our pre-recorded webinars page

See All Webinars

We help businesses to increase and evidence human capability in every part of cybersecurity.