Linux admins -

Hackers (the malicious ones) are increasingly exploiting poorly configured Linux servers by abusing legitimate proxy tools like TinyProxy and Sing-box. These tools, while useful under normal circumstances, can turn compromised servers into proxy nodes for hiding attacker activities or facilitating shady operations.

This is especially notable because the abuse doesn't rely on malware and uses legitimate open-source software, making it harder to detect and mitigate. Weak SSH practices and the lack of vigilant log analysis and resource monitoring can leave Linux admins blind to signs of compromise or even ongoing attacks.

Read more to learn how you can identify tools and strategies to significantly reduce the likelihood of your Linux server being turned into a proxy for malicious purposes.

Yours in Open Source,

Dv Signature Newsletter 2024 Esm W150

Dave Wreski

LinuxSecurity Founder

TinyProxy / Sing-box

The Discovery 

Attackers are abusing legitimate proxy tools like TinyProxy and Sing-box to hide malicious activities of carry out suspicious operations.

Ethical Hacking Esm W400

The Impact

These exploits could lead to compromise or ongoing attacks against your Linux systems.

 The Fix

 Important bug fixes have been released to mitigate these flaws. All impacted admins should update as soon as possible to secure their systems and prevent attacks.

Your Related Advisories:

[distro_list_1]

Chrome

The Discovery 

Two new vulnerabilities have been identified in Chrome: an Integer Overflow in the V8 Engine and a Use-After-Free in Profiler.

Chrome Esm W112

The Impact

 These flaws could enable attackers to breach critical applications, unleash malware, disrupt services, or gain access to sensitive systems in your network.

 The Fix

Chrome version 137.0.7151.119/.120 has been released to mitigate these issues. All impacted users should update immediately to secure their critical systems and applications. 

Your Related Advisories:

[distro_list_2]