All posts tagged "Linux"
-
3.0KVulnerabilitiesLockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control...
-
1.3KVulnerabilitiesKinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency...
-
2.6KVulnerabilitiesSideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government...
-
3.3KMalwareStripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no...
-
1.5KMalwarePro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the ongoing...
-
661MalwareShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and...
-
975Vulnerabilitieslibcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote...
-
3.5KVulnerabilitiesLooney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions
A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library’s ld.so dynamic loader that, if successfully...
-
1.1KMalwareEarth Lusca’s New SprySOCKS Linux Backdoor Targets Government Entities
The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth...
-
1.5KVulnerabilitiesAlert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to...
-
1.6KMalwareMonti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in...
-
2.6KMalwareNew SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers
Vulnerable Redis services have been targeted by a “new, improved, dangerous” variant of a malware called SkidMap that’s engineered to target a...
-
2.9KMalwareReptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. “Unlike other rootkit malware that typically...
-
3.3KMalwareThe Alarming Rise of Infostealers: How to Detect this Silent Threat
A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware....
-
3.4KMalwarePython-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings...
-
3.9KVulnerabilitiesResearchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability
Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges...
-
3.6KMalwareChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC
The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion...
-
3.8KMalwareNew GobRAT Remote Access Trojan Targeting Linux Routers in Japan
Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. “Initially, the attacker targets a...
-
202MalwareNew ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of...
-
4.3KMalwareNew Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep...
-
603MalwareRTM Locker’s First Linux Ransomware Strain Targeting NAS and ESXi Hosts
The threat actors behind RTM Locker have developed a ransomware strain that’s capable of targeting Linux machines, marking the group’s first foray...
