We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Researchers have revealed a never-before-seen piece of cross-platform malware that has infected a wide range of Linux and Windows devices, including small office routers, FreeBSD boxes, and large enterprise servers.
Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware.
A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads.
More than 200 malicious packages have been discovered infiltrating the PyPI and npm open source registries this week.
A malicious PyPI package was used to install a Monero cryptominer on Linux systems.
A new ransomware family has been discovered, which targets specifically Linux-based systems using a range of encryption methods. GwisinLocker is the malware responsible for the attack.
Windows, Linux, and ESXi systems could be encrypted with the novel Luna ransomware family, which is believed to be developed by Russian-speaking threat actors, according to BleepingComputer.
A new and previously undetected malware dubbed 'Lightning Framework' targets Linux systems and can be used to backdoor infected devices using SSH and deploy multiple types of rootkits.
Cybersecurity researchers have taken the wraps off a new and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware attacks geared towards the popular operating system.
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window.
Microsoft warns over recent work by the '8220' malware gang to compromise Linux systems and install cryptomining malware.
Akamai Security Research is lifting the public embargo on "Panchan", a new peer-to-peer botnet they are warning customers about that has been breaching Linux servers since March.
Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a backdoor to facilitate persistent remote access to infected hosts.
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet.
A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sector to mine cryptocurrency.
A new Linux rootkit malware named ‘Syslogk’ is being used in attacks to hide malicious processes, using specially crafted "magic packets" to awaken a backdoor laying dormant on the device.
Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel evasion techniques to conceal its presence on infected servers, in some cases even with a forensic investigation.
Security researchers have discovered some new Linux-based ransomware that's being used to attack VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs) that share the same hard drive storage. Called Cheerscrypt, the bad app is following in the footsteps of other ransomware programs—such as LockBit, Hive and RansomEXX—that have found ESXi an efficient way to infect many computers at once with malicious payloads.
A group of cybersecurity researchers from BlackBerry and Intezer discovered a new Linux malware that, according to the companies, would be “nearly impossible to detect.”
Black Basta is the latest ransomware gang to add support for encrypting VMware ESXi virtual machines (VMs) running on enterprise Linux servers.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
