Hacks/Cracks - Page 1.75
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The 8220 hacker group is exploiting both Windows and Linux web servers with crypto-jacking malware. It is believed that the group has access to the source code of both OSes, which enables them to exploit vulnerabilities in both systems.
Researchers have identified a new exploit impacting upcoming processors called “Spectre based on Linear Address Masking” (SLAM). This side-channel-based attack exploits the new security features in Intel (Linear Address Masking (LAM)), AMD (Upper Address Ignore (UAI)), and ARM (Top Byte Ignore (TBI)) chips. Specifically, the SLAM attack is a transient execution technique exploiting the new memory improvement features to leak sensitive data like password hashes.
A collection of new security vulnerabilities called LogoFAIL has been discovered hiding within the Unified Extensible Firmware Interfaces (UEFI) that we use for booting almost all modern computing devices. Linux or Windows, ARM or x86, it doesn't matter -- they're all vulnerable to these flaws!
A team of Chinese hackers known as Kinsing has discovered a little-known security vulnerability in the Apache ActiveMQ message broker software. The vulnerability allowed the attackers to implant rootkits on Linux servers remotely and steal sensitive information such as usernames, passwords, and SSH keys.
Researchers have discovered a new variant of BiBi malware attacks targeting Israeli Windows and Linux systems, resulting in data wipes. Alerts were sent out by Israel’s Cyber Emergency Response Team (CERT) to help potential target organizations prevent attacks by threat actors.
The US authorities have shut down a major botnet comprising tens of thousands of infected endpoints, which cyber-criminals hired to launch various attacks anonymously.
A new malware wiper known as BiBi-Linux is being used to destroy data in attacks targeting Linux systems belonging to Israeli companies.
StripedFly malware is capable of grabbing screenshots and stealing passwords.
The BlackCat ransomware operators have demonstrated ongoing adaptation and innovation in their malicious activities, making mitigating their threats challenging for security experts.
In September 2023, FortiGuard Labs’ vigilant team uncovered a significant development in the IZ1H9 Mirai-based DDoS campaign.
The digital age offers opportunities but also increases the importance of cybersecurity as threats grow in complexity and sophistication, making preparedness a top priority.
The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.
The P2PInfect botnet worm is going through a period of highly elevated activity volumes starting in late August and then picking up again in September 2023.
Researchers have discovered a never-before-seen backdoor for Linux that’s being used by a threat actor linked to the Chinese government.
Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years.
We do not often talk about Linux malware because it is often quickly patched up and not exploited much in the wild compared to Windows/macOS. However, there has been a concern regarding the Free Download Manager (a decently popular cross-platform download manager).
Use of Blueshell malware by various threat actors has spiked, targeting Windows, Linux, and other operating systems across Korea and Thailand.
Cybersecurity researchers at ReversingLabs claim that a recent malicious cyber campaign targeting macOS, Linux, and Windows systems was carried out by the North Korean threat group Lazarus.
"Variants of CL0p were initially only found on Windows systems, but the gang also developed a Linux variant toward the end of 2022, reflecting the diversity of endpoint operating systems used by modern businesses. In an interesting, flawed technical glitch, security researchers noted that the Linux version’s encryption is easily reversible using a simple decryptor."
According to recent reports, there have been instances of threat actors using malware called “SkidMap” to exploit vulnerable Redis systems.