Privilege escalation explained: Why these flaws are so valuable to hackers

Attackers use privilege escalation flaws to gain access to systems and applications. Patching and monitoring are the most important ways to stop them.

1 2 Page 2
Page 2 of 2

CyberArk has released various open-source tools that can be used to detect DLL hijacking, find shadow admins in AD environments, manage secrets and application identities, scan Kubernetes clusters for risky permissions and more. Other commercial products and free tools can scan cloud deployments for insecure configurations including IAM roles.

After designing their networks and cloud infrastructures following least privilege principles, organizations should regularly hire external security teams to perform penetration testing with a focus on privilege escalation. Since most automated attacks rely on exploit chains that combine multiple vulnerabilities, breaking one link in that chain can prevent the whole attack from succeeding.

Copyright © 2020 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
22 cybersecurity myths organizations need to stop believing in 2022