Cybersecurity News in Asia

Features
- Featured
  
  Misconfigured AI: Hype or real threat to APAC Infrastructure?
  
  Monday, March 16, 2026, 7:36 PM Asia/Singapore | Features, Tips
- Featured
  
  Building trust in Asia’s financial sector with digital identity innovations
  
  Monday, March 16, 2026, 9:45 AM Asia/Singapore | Features, Newsletter
- Featured
  
  IoT trends APAC enterprises cannot ignore in 2026
  
  Friday, March 13, 2026, 3:08 PM Asia/Singapore | Features
Opinions
Tips
Whitepapers
Awards 2025
Directory
E-Learning

Qualys Threat Research Unit discovers “CrackArmor”

By CybersecAsia editors | Wednesday, March 18, 2026, 8:00 AM Asia/Singapore

Nine vulnerabilities that can be exploited since 2017, putting millions of Linux systems in danger.

The Qualys Threat Research Unit (TRU) has recently discovered “CrackArmor”, a set of nine vulnerabilities within AppArmor, a widely used security module in the Linux kernel.

These flaws have left over 12 million enterprise systems running Ubuntu, Debian, and SUSE distributions exposed since 2017, enabling local attackers to gain full root access, execute container breakouts, and cause system-wide crashes.

The CrackArmor vulnerabilities exploit a “confused deputy” flaw, which manipulates a trusted, higher-privilege program into misusing its authority. Attackers can trick system processes into performing malicious actions on their behalf, effectively bypassing security controls to gain unauthorized access or escalate privileges without needing administrative credentials.

The discovery highlights a significant risk across numerous sectors. Industries most impacted include cloud computing, banking and finance, manufacturing, healthcare, and government.

“These discoveries highlight critical gaps in how we rely on default security assumptions,” said Dilip Bachwani, Chief Technology Officer, Qualys. “CrackArmor proves that even the most entrenched protections can be bypassed without admin credentials. For CISOs, this means patching alone isn’t enough; we must re-examine our entire assumption of what ‘default’ configurations mean for our infrastructure.”

Qualys researchers have determined that the only reliable method to mitigate the CrackArmor vulnerabilities is through immediate kernel patching. Organizations are urged to apply the necessary security updates to protect their systems from potential exploitation.

In keeping with the responsible disclosure process, the Qualys TRU team coordinated and communicated with upstream maintainers for several months to ensure that fixes were robust and stable across all Linux distributions prior to public release.

CybersecAsia understands that the Linux community is working to address these critical security issues.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

Cyber protection for medical clinics in Singapore
As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more

Bottom sidebar

Other News

VIVOTEK Accelerates AI Innovation Through Network Optix Platform Integration
Saturday, March 14, 2026
TAIPEI, March 12, 2026 /PRNewswire/ …Read More »
Tencent Cloud Unveils AI-Powered Gaming Solutions at GDC 2026, Transforming Connection, Creation, and Security for the Future of Games
Friday, March 13, 2026
The Latest GVoice Brings Revolutionary …Read More »
TXOne Networks Showcases TXOne Complete at S4x26, Advancing the Full OT Security Journey for Channel Partners
Thursday, March 12, 2026
The operations-first OT security partner …Read More »
Globe Teleservices Announces Partnership with Myanma Posts and Telecommunications to Enhance Secure Messaging and Customer Experience
Thursday, March 12, 2026
SINGAPORE, March 11, 2026 /PRNewswire/ …Read More »
Coremail Shares Insights on Strengthening Enterprise Email Security Amid Evolving Threats
Thursday, March 12, 2026
BANGKOK, March 11, 2026 /PRNewswire/ …Read More »

Cybersecurity News in Asia

Featured

Misconfigured AI: Hype or real threat to APAC Infrastructure?

Featured

Building trust in Asia’s financial sector with digital identity innovations

Featured

IoT trends APAC enterprises cannot ignore in 2026

Qualys Threat Research Unit discovers “CrackArmor”

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar

Other News