Authorities have dismantled SocksEscort, a service that sold access to a large proxy network built from compromised residential routers. Investigators say much of the infrastructure sat on infected SOHO networking devices, many running embedded Linux...
A new variant of the AcidRain Linux malware called AcidPour has been discovered. This malware targets explicitly Linux systems in Ukraine. AcidPour expands upon its predecessor and poses a significant risk to users. Let's examine the importance of this discovery, the implications for admins and security professionals, and measures you can take to protect against threats like AcidPour.
The emergence of the KrustyLoader backdoor, with its variants targeting both Windows and Linux systems, has caught the attention of cybersecurity experts. This critical analysis will delve into the implications of this sophisticated backdoor, raise questions about its long-term consequences, and explore its impact on Linux admins, information security professionals, internet security enthusiasts, and sysadmins.
The emergence of advanced malware strains presents significant challenges for security practitioners, and the recent discovery of the WogRAT malware is no exception. This article explores the implications of WogRAT's abuse of an online notepad service to store and retrieve malicious payloads.
Security researchers have uncovered a concerning cyberattack campaign that targets developers on GitHub, potentially affecting millions of repositories. This campaign utilizes repo confusion attacks, which exploit human error rather than package manager systems.
The Nood RAT malware is a new threat to Linux servers worldwide. Security researchers say Nood RAT is designed to steal sensitive information from targeted servers. This article warns Linux admins and infosec professionals of the risks posed by the malware and how to prevent such cyberattacks.
A potential security vulnerability exists in the command-not-found tool in Ubuntu, which threat actors could exploit to recommend and install malicious packages on systems running Ubuntu operating systems. The command-not-found tool is installed by default on Ubuntu systems and suggests packages to install when users attempt to run commands that are not available.
Security vulnerabilities in Google's login systems have been uncovered, enabling researchers to bypass Google's protections and access user accounts by obtaining login cookies. These findings raise concerns about the effectiveness of cookie-based authentication and the security of Google accounts in general.
The recent uncovering of malicious Python projects being distributed through the Python Package Index (PyPI) is an urgent reminder of the need for enhanced vigilance and security around the Python open-source ecosystem. Threat actors have been able to compromise developer accounts and push out trojanized versions of legitimate Python libraries, enabling them to harvest credentials, execute arbitrary commands, and more.
A new set of malicious Python projects are targeting Linux and Windows systems. Security Brief states, "There has been a significant rise in the number of attacks involving Python."
Alright, folks, let me fill you in. Fake security updates have been causing real-world havoc! The Israel National Cyber Directorate (INCD) alerts about phishing emails pretending to be F5 BIG-IP security updates, and guess what? These emails unleash Windows and Linux data wipers. Troubling, right?
Let me fill you in on a stealthy threat to Linux systems that has flown under the radar for nearly three years! A remote access trojan dubbed "Krasue" has been silently infiltrating Linux systems like yours, primarily targeting telecommunications companies since 2021.
The 8220 hacker group is exploiting both Windows and Linux web servers with crypto-jacking malware. It is believed that the group has access to the source code of both OSes, which enables them to exploit vulnerabilities in both systems.
Researchers have identified a new exploit impacting upcoming processors called “Spectre based on Linear Address Masking” (SLAM). This side-channel-based attack exploits the new security features in Intel (Linear Address Masking (LAM)), AMD (Upper Address Ignore (UAI)), and ARM (Top Byte Ignore (TBI) chips. Specifically, the SLAM attack is a transient execution technique exploiting the new memory improvement features to leak sensitive data like password hashes.
A collection of new security vulnerabilities called LogoFAIL has been discovered hiding with the Unified Extensible Firmware Interfaces (UEFI) that we use for booting almost all modern computing devices. Linux or Windows, ARM or x86, it doesn't matter -- they're all vulnerable to these flaws!
A team of Chinese hackers known as Kinsing has discovered a little-known security vulnerability in the Apache ActiveMQ message broker software. The vulnerability allowed the attackers to implant rootkits on Linux servers remotely and steal sensitive information such as usernames, passwords, and SSH keys.
Researchers have discovered a new variant of BiBi malware attacks targeting Israeli Windows and Linux systems, resulting in data wipes. Alerts were sent out by Israel’s (Cyber Emergency Response Team) CERT to help potential target organizations prevent attacks by threat actors.
The US authorities have shut down a major botnet comprising tens of thousands of infected endpoints, which cyber-criminals hired to launch various attacks anonymously.
The BlackCat ransomware operators have demonstrated ongoing adaptation and innovation in their malicious activities, making mitigating their threats challenging for security experts.
