APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers
APT36 is a highly sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and is strongly linked to Pakistan.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
APT36 is a highly sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and is strongly linked to Pakistan.
Security Enhanced Linux (SELinux) has been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems. Those that haven't been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). But now with Linux 6.6 the NSA references are being removed.
A ransomware campaign by the recently emerged Monti ransomware group is targeting victims with a new Linux variant of its malware. The threat group is the latest in a growing number of ransomware groups finding profit in going after Linux infrastructure.
The White House launched a multimillion-dollar cyber contest to use artificial intelligence (AI) to detect and fix security vulnerabilities in the U.S. government's digital infrastructure in response to hackers' growing use of AI.
The Biden Administration has extended the deadline for federal agencies to submit documentation proving that the software they use was developed with appropriate security practices, because the form for reporting on such matters isn't complete.
India's government has reportedly banned 14 messaging apps on national security grounds, including some open source services.
Society and governments are struggling to adapt to a world full of cybersecurity threats. Case in point: the EU CRA — Cyber Resilience Act — is a proposal by the European Commission to enact legislation with a noble goal: protect consumers from cybercrime by having security baked in during design.
A technical report published by Uptycs security earlier this week revealed that a Pakistan-based advanced persistent threat (APT) actor called Transparent Tube attempted to deliver a Linux backdoor malware dubbed Poseidon on Indian government agency systems using a fake two-factor authentication tool.
The Linux Foundation Janssen Project, a low-code digital ID software platform developed in partnership with Gluu, has been adjudged as a digital public good (DPG) following a review by the Digital Public Good Alliance (DPGA).
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch.