Linux botnet abuses log4j to attack Arm, x86-based devices
A new Linux botnet, B1txor20, that targets Arm and 64-bit x86 systems shows log4j isn't going away any time soon.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A new Linux botnet, B1txor20, that targets Arm and 64-bit x86 systems shows log4j isn't going away any time soon.
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. “NginRAT essentially hijacks a host Nginx application to stay undetected. To do that, NginRAT modifies core functionality of the Linux host system. When the legitimate Nginx web server uses such functionality (eg dlopen), NginRAT intercepts it to inject itself.”
Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of sight from security products. The malware, dubbed CronRat, hides in the calendar subsystem of Linux servers (“cron”) on a non-existent day, 31 February, according to a blog post by security researchers at Sansec.