GRIMM recently published the research report “New Old Bugs in the Linux Kernel,” with details on three exploitable vulnerabilities they’ve found in Linux. An industry expert provides insight below.
<p>The findings by GRIMM are the reason why classic vulnerability scanning and testing are not enough. This requires consistent threat emulation and threat modeling with not only pentesters but also bug bounty hunters and threat hunters on the team specializing in Linux-based systems to assist in identifying these flaws. This pushes a CIRT to become more mature in its processes of people, and technological understanding of what’s under the hood of their systems. The main concern is if the vulnerability is remotely accessible, and in this case it is not. It seems that the coercion to get it installed is a social engineering vector which seems low probability and main contributing factor to the exploit. The novelty is in this finding which has existed for over a decade. The finding is commendable nonetheless and displays the dynamic skill sets required in mixed environments.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides experts’ comments, analysis and opinion on the latest Information Security news and topics.