We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Hacks/Cracks News

Akira Ransomware Gang Targets Linux Servers, Extorts $42 Million


The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on Windows systems but later shifted its attention to Linux servers, mainly targeting VMware ESXi virtual machines. The ransomware leverages different methods for initial access to target networks, such as exploiting known flaws in Cisco appliances, spear phishing, and abusing VPN services lacking multi-factor authentication protections. It also utilizes various tools for setting up persistence, privilege escalation, and lateral movement within networks.

Threat Actors Are Actively Using Pupy RAT Malware to Attack Linux Systems


A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been observed. The malware's multifunctional nature is a notable characteristic, striking a chord with Linux admins, infosec professionals, internet security enthusiasts, and sysadmins who are likely familiar with the potential threat of versatile malware.

Linux Admins Beware: Malvertising Campaign Exploiting PuTTY Puts Security at Risk


A malvertising campaign has been discovered that deploys a fake PuTTY client to deliver the Rhadamanthys stealer, a dangerous malware. The attackers exploit the trust placed in PuTTY as a widely used SSH and Telnet client by presenting a counterfeit website through malicious ads that appear at the top of Google search results. Let's examine this significant security threat targeting Linux admins more deeply, emphasizing the need for heightened vigilance and robust Linux security measures. 

Analyzing AcidPour: A New and Evolving Linux Malware Threat


A new variant of the AcidRain Linux malware called AcidPour has been discovered. This malware targets explicitly Linux systems in Ukraine. AcidPour expands upon its predecessor and poses a significant risk to users. Let's examine the importance of this discovery, the implications for admins and security professionals, and measures you can take to protect against threats like AcidPour.

New KrustyLoader Backdoor Threatens Linux & Windows Systems


The emergence of the KrustyLoader backdoor, with its variants targeting both Windows and Linux systems, has caught the attention of cybersecurity experts. This critical analysis will delve into the implications of this sophisticated backdoor, raise questions about its long-term consequences, and explore its impact on Linux admins, information security professionals, internet security enthusiasts, and sysadmins.

Ubuntu Tool Could Trick Users Into Installing Rogue Packages


A potential security vulnerability exists in the command-not-found tool in Ubuntu, which threat actors could exploit to recommend and install malicious packages on systems running Ubuntu operating systems. The command-not-found tool is installed by default on Ubuntu systems and suggests packages to install when users attempt to run commands that are not available.

Danger in the Python Package Index: Malicious Code Lurking in PyPI


The recent uncovering of malicious Python projects being distributed through the Python Package Index (PyPI) is an urgent reminder of the need for enhanced vigilance and security around the Python open-source ecosystem. Threat actors have been able to compromise developer accounts and push out trojanized versions of legitimate Python libraries, enabling them to harvest credentials, execute arbitrary commands, and more.

New SLAM Attack Threatens Future CPUs Security


Researchers have identified a new exploit impacting upcoming processors called “Spectre based on Linear Address Masking” (SLAM). This side-channel-based attack exploits the new security features in Intel (Linear Address Masking (LAM)), AMD (Upper Address Ignore (UAI)), and ARM (Top Byte Ignore (TBI) chips. Specifically, the SLAM attack is a transient execution technique exploiting the new memory improvement features to leak sensitive data like password hashes.