Hacks/Cracks
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A malvertising campaign has been discovered that deploys a fake PuTTY client to deliver the Rhadamanthys stealer, a dangerous malware. The attackers exploit the trust placed in PuTTY as a widely used SSH and Telnet client by presenting a counterfeit website through malicious ads that appear at the top of Google search results. Let's examine this significant security threat targeting Linux admins more deeply, emphasizing the need for heightened vigilance and robust Linux security measures.
As reported by a subscriber to the incidents mailing list at . "It appears that perhaps tens of thousands of username/passwords for valid shell logins ALL ACROSS THE NET may have been compromised at CCBILL, a large internet credit card/check processor used for e-commerce and adult sites, read carefully!!". . .
A new variant of the AcidRain Linux malware called AcidPour has been discovered. This malware targets explicitly Linux systems in Ukraine. AcidPour expands upon its predecessor and poses a significant risk to users. Let's examine the importance of this discovery, the implications for admins and security professionals, and measures you can take to protect against threats like AcidPour.
The emergence of the KrustyLoader backdoor, with its variants targeting both Windows and Linux systems, has caught the attention of cybersecurity experts. This critical analysis will delve into the implications of this sophisticated backdoor, raise questions about its long-term consequences, and explore its impact on Linux admins, information security professionals, internet security enthusiasts, and sysadmins.
The emergence of advanced malware strains presents significant challenges for security practitioners, and the recent discovery of the WogRAT malware is no exception. This article explores the implications of WogRAT's abuse of an online notepad service to store and retrieve malicious payloads.
Security researchers have uncovered a concerning cyberattack campaign that targets developers on GitHub, potentially affecting millions of repositories. This campaign utilizes repo confusion attacks, which exploit human error rather than package manager systems.
The Nood RAT malware is a new threat to Linux servers worldwide. Security researchers say Nood RAT is designed to steal sensitive information from targeted servers. This article warns Linux admins and infosec professionals of the risks posed by the malware and how to prevent such cyberattacks.
A potential security vulnerability exists in the command-not-found tool in Ubuntu, which threat actors could exploit to recommend and install malicious packages on systems running Ubuntu operating systems. The command-not-found tool is installed by default on Ubuntu systems and suggests packages to install when users attempt to run commands that are not available.
Security vulnerabilities in Google's login systems have been uncovered, enabling researchers to bypass Google's protections and access user accounts by obtaining login cookies. These findings raise concerns about the effectiveness of cookie-based authentication and the security of Google accounts in general.
The recent uncovering of malicious Python projects being distributed through the Python Package Index (PyPI) is an urgent reminder of the need for enhanced vigilance and security around the Python open-source ecosystem. Threat actors have been able to compromise developer accounts and push out trojanized versions of legitimate Python libraries, enabling them to harvest credentials, execute arbitrary commands, and more.
A new set of malicious Python projects are targeting Linux and Windows systems. Security Brief states, "There has been a significant rise in the number of attacks involving Python."
Alright, folks, let me fill you in. Fake security updates have been causing real-world havoc! The Israel National Cyber Directorate (INCD) alerts about phishing emails pretending to be F5 BIG-IP security updates, and guess what? These emails unleash Windows and Linux data wipers. Troubling, right?
Let me fill you in on a stealthy threat to Linux systems that has flown under the radar for nearly three years! A remote access trojan dubbed "Krasue" has been silently infiltrating Linux systems like yours, primarily targeting telecommunications companies since 2021.
The 8220 hacker group is exploiting both Windows and Linux web servers with crypto-jacking malware. It is believed that the group has access to the source code of both OSes, which enables them to exploit vulnerabilities in both systems.
Researchers have identified a new exploit impacting upcoming processors called “Spectre based on Linear Address Masking” (SLAM). This side-channel-based attack exploits the new security features in Intel (Linear Address Masking (LAM)), AMD (Upper Address Ignore (UAI)), and ARM (Top Byte Ignore (TBI) chips. Specifically, the SLAM attack is a transient execution technique exploiting the new memory improvement features to leak sensitive data like password hashes.
A collection of new security vulnerabilities called LogoFAIL has been discovered hiding with the Unified Extensible Firmware Interfaces (UEFI) that we use for booting almost all modern computing devices. Linux or Windows, ARM or x86, it doesn't matter -- they're all vulnerable to these flaws!
A team of Chinese hackers known as Kinsing has discovered a little-known security vulnerability in the Apache ActiveMQ message broker software. The vulnerability allowed the attackers to implant rootkits on Linux servers remotely and steal sensitive information such as usernames, passwords, and SSH keys.
Researchers have discovered a new variant of BiBi malware attacks targeting Israeli Windows and Linux systems, resulting in data wipes. Alerts were sent out by Israel’s (Cyber Emergency Response Team) CERT to help potential target organizations prevent attacks by threat actors.
The US authorities have shut down a major botnet comprising tens of thousands of infected endpoints, which cyber-criminals hired to launch various attacks anonymously.
A new malware wiper known as BiBi-Linux is being used to destroy data in attacks targeting Linux systems belonging to Israeli companies.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.