Authorities have dismantled SocksEscort, a service that sold access to a large proxy network built from compromised residential routers. Investigators say much of the infrastructure sat on infected SOHO networking devices, many running embedded Linux...
The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform. As more businesses move to this type of platform for their servers, we expect to continue to see ransomware developers focus primarily on Windows machines - but also create a dedicated Linux encryptor targeting ESXi.
The Uptycs Threat Research team outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect these threats and mitigate their risk of suffering an attack.
Hackers are turning coding languages such as Go, Rust, Nim and DLang into next-gen malware targeting Linux and Windows systems, enabling them to avoid signature detection and add layers of obfuscation.
The infamous cross-platform LemonDuck crypto-mining malware has continued to refine and improve upon its techniques to strike both Linux and Windows OSes by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns.
The ransomware gang behind the notorious attack on CD Projekt Red is now using a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage.
The REvil ransomware operation is now using a Linux encryptor that targets and encrypts VMware ESXi virtual machines. By targeting virtual machines this way, REvil can encrypt many servers at once with a single command.
The Necro Python bot - which targets both Linux and Windows systems - changes its code to evade traditional security detection. Learn the details, and get advice on how to secure your systems.
Embedded Linux devices are everywhere these days, and sooner or later, you’re going to want to poke around in one of them. But how? Learn the techniques and tools Felipe Astroza has used to hack the Foscam C1 security camera, which will work on a wide range of embedded Linux gadgets.
The maintainers of the PHP programming language have issued an update regarding the security incident that came to light late last month, stating that the actors may have gotten hold of a user database containing their passwords to make unauthorized changes to the repository. This was initially treated as a compromise of the git.php.net server - but further investigation into the incident has revealed that the commits were a result of pushing them using HTTPS and password-based authentication.
Both Linux and Windows servers are being targeted by the dangerous new WatchDog botnet, which uses exploits to take over servers and mine cryptocurrency.
Russian digital espionage group Fancy Bear has incorporated a new Linux-based malware dubbed “Drovorub” into their attack campaigns, according to the National Security Agency (NSA) and the FBI.
Kobalos - a devious new Linux malware - targets high-performance supercomputers and enables attackers to execute arbitrary commands on systems remotely.
The Dovecat Monero-mining malware doesn't steal data, but it consumes large amounts of CPU and memory. This is the latest threat faced by QNAP customers - after research published in July 2020 identified that tens of thousands of NAS drives are potentially vulnerable to malware that prevents administrators from applying patches.
The recently discovered DreamBus botnet uses exploits and brute-force attacks to target PostgreSQL, Redis, SaltStack, Hadoop, Spark, and other enterprise-level apps that run on Linux systems. "The idea is to give the DreamBus gang a foothold on a Linux server where they could later download and install an open-source app that mines the Monero (XMR) cryptocurrency to generate profits for the attackers."