Tag: linux
-
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this…
-
Agentic AI is both boon and bane for security pros
Recent agentic security signposts: Recently, we have seen numerous examples of how quickly building your own autonomous AI agents has taken root. Microsoft last month demonstrated six new AI agents that work with its Copilot software that talk directly to its various security tools to identify vulnerabilities, flag identity and asset compromises. Simbian is hosting…
-
Crypto miners, zero-day malware and Linux-based threats continue to rise, according to the Watchguard security report
Watchguard Technologies has just published its Internet Security Report for the fourth quarter of 2024. The 94 percent increase in network-based malware compared with the previous quarter is certainly one of the most striking observations. This goes hand in hand with a general rise in malware volume, to which not least six percent more detections by the Gateway Antivirus (GAV) functionality and the 74…
-
HelloKitty Ransomware Returns, Launching Attacks on Windows, Linux, and ESXi Environments
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware, signaling its resurgence with attacks targeting Windows, Linux, and ESXi environments. HelloKitty ransomware, initially appearing in October 2020 as a fork of DeathRansom, has evolved significantly in its encryption methods. The ransomware now embeds an RSA-2048 public key, which is…
-
U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Linux Kernel flaws, respectively tracked as CVE-2024-53197 and CVE-2024-53150, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability CVE-2024-53197 (CVSS score of 7.8) resides in the Linux kernel’s ALSA USB-audio driver affecting Extigy…
-
Top 16 OffSec, pen-testing, and ethical hacking certifications
Tags: access, android, antivirus, application-security, attack, authentication, blockchain, bug-bounty, business, cisco, cloud, computing, credentials, crypto, cryptography, cyber, cybersecurity, data, defense, detection, encryption, exploit, guide, hacker, hacking, incident response, injection, iot, jobs, kali, linux, malware, microsoft, mitigation, mobile, network, penetration-testing, RedTeam, remote-code-execution, reverse-engineering, risk, risk-assessment, sap, skills, sql, technology, threat, tool, training, update, vulnerability, windows
Experiential learning: Offensive security can’t be fully mastered through lectures alone. Candidates need hands-on training in lab environments to develop practical skills. Ideally, certification exams should include a practical assessment, such as developing an exploit to compromise a system. Because individuals learn OffSec techniques, such as penetration testing, in different ways, the most effective certifications offer…
-
CISA Alerts on Actively Exploited Linux Kernel OutBounds Read Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts regarding two actively exploited vulnerabilities in the Linux Kernel. The flaws, tagged as CVE-2024-53197 and CVE-2024-53150, both reside in the USB-audio driver. These vulnerabilities could potentially allow attackers to manipulate system memory, escalate privileges, or access sensitive information. CVE-2024-53197: Linux Kernel Out-of-Bounds Access Vulnerability The…
-
Linux Firewall IPFire 2.29 Launches with Post-Quantum Encryption and System Enhancements
The open-source Linux firewall solution, IPFire, has officially released its latest version, IPFire 2.29 Core Update 193. This landmark update introduces cutting-edge post-quantum encryption capabilities for IPsec tunnels, along with extensive system upgrades to bolster security, performance, and hardware optimization for the long term. Post-Quantum Cryptography for a More Secure Future In a major step forward […]…
-
Review: The Ultimate Kali Linux Book, Third Edition
Packed with real-world scenarios, hands-on techniques, and insights into widely used tools, the third edition of the bestselling Ultimate Kali Linux Book offers a practical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/10/review-the-ultimate-kali-linux-book-third-edition/
-
Do you need antivirus software for Linux desktops?
It all began with a seemingly harmless question that a user asked in our ESET Security Forum: "Do I really need an antivirus program for my Linux distributions?" As simple as the question sounds, the answer is somewhat more complicated than a simple yes or no. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/01/19/brauchst-du-eine-antiviren-software-fur-linux-desktops/
-
GHOST: the new (old) Linux vulnerability
Researchers at the security company Qualys have discovered a serious vulnerability in the Linux glibc library. The flaw allows attackers to take control without direct access to the system. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/02/02/ghost-die-neue-alte-linux-schwachstelle/
-
Mumblehard: Linux malware spreads spam via your server
Today ESET experts are uncovering a Linux malware family that has been up to mischief for quite some time: Linux/Mumblehard. A white paper on the threat is available for download on WeLiveSecurity. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/04/29/mumblehard-linux-malware-verbreitet-spam-ueber-deinen-server/
-
Linux 6.15-rc1 Released: Better Drivers, Faster Performance
The Linux kernel community has witnessed another milestone with the release of Linux 6.15-rc1, the first release candidate for the forthcoming Linux 6.15 stable release. Announced by Linus Torvalds on April 6, 2025, in Phoronix blog, this marks the conclusion of a vibrant two-week merge window. Packed with new features, bug fixes, and significant hardware…
-
Google fixed two actively exploited Android zero-days
Google addressed 62 vulnerabilities with the release of Android’s April 2025 security update, including two actively exploited zero-days. Google released Android’s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities (CVE-2024-53197, CVE-2024-53150) exploited in targeted attacks. The vulnerability CVE-2024-53197 is a Linux kernel issue affecting ALSA USB audio. Malicious devices…
-
Auto-Color Linux Backdoor: TTPs and Internal Architecture Exposed
A newly identified Linux backdoor named >>Auto-Color,
-
Microsoft AI finds vulnerabilities in open-source boot loaders
Microsoft has used its AI solution Microsoft Security CoPilot to probe several boot loaders for vulnerabilities, including the open-source boot loader Grub used by Linux, as well as U-boot and Barebox. Several vulnerabilities were discovered in the process, whereby the use of AI … the finding of … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/06/microsoft-ai-findet-schwachstellen-in-open-source-boot-loader/
-
Additional details on Outlaw Linux cryptomining botnet emerge
First seen on scworld.com Jump to article: www.scworld.com/brief/additional-details-on-outlaw-linux-cryptomining-botnet-emerge
-
Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems
Hunters International, a ransomware group suspected to be a rebrand of the infamous Hive ransomware, has been linked to widespread attacks targeting Windows, Linux, FreeBSD, SunOS, and ESXi systems. Emerging in October 2023, the group has gained notoriety for its sophisticated techniques in data exfiltration and extortion. Cybersecurity researchers have noted similarities between Hunters International’s…
-
Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
Tags: apache, attack, botnet, credentials, cyber, data-breach, exploit, flaw, hacker, linux, vulnerability, windows
A newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hours of discovery, employ encrypted payloads and advanced persistence mechanisms to infiltrate systems running both Windows and Linux platforms. The attackers…
-
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials. “Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems,” Elastic Security Labs said in a new analysis First…
-
No Frills, Big Impact: How Outlaw Malware Quietly Hijacks Linux Servers
Security researchers at Elastic Security Labs have released an in-depth analysis of a long-running Linux malware campaign known as Outlaw. Despite its unsophisticated code and crude attack methods, Outlaw remains remarkably persistent. This malware is a great example of how… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/outlaw-malware-linux-servers/
-
Legacy devices threaten security in companies
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerability
Vulnerabilities in old network devices pose a considerable security risk for companies. An analysis by Cisco's threat intelligence team Talos shows that two of the three most common vulnerabilities targeted by attackers in 2024 were found in old network devices. The problem is that manufacturers no longer release patches for them. "This underscores how important it is that outdated components of the…
-
Tax Season Threat Surge
Veriti Research has identified a significant rise in tax-related malware samples across multiple platforms. The research team discovered malware samples targeting Android, Linux, and Windows, all connected to the same adversary operating from a single IP address. We believe the attacker is running multiple parallel campaigns and using “Malware-as-a-Service” tools to target various platforms simultaneously,…
-
Privacy Roundup: Week 13 of Year 2025
Tags: access, ai, android, apple, application-security, breach, browser, cctv, chrome, cloud, cve, cybersecurity, data, detection, exploit, firmware, google, group, leak, linux, malware, microsoft, mobile, phishing, privacy, regulation, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, zero-day
This is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 – 29 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Open source instead of Microsoft – How companies can set up Linux servers cheaply and securely
First seen on security-insider.de Jump to article: www.security-insider.de/open-source-und-linux-statt-windows-a-b4da32bf803c2dc7f035009a3c83d64b/
-
Linux Lite 7.4 Final Released: Enhanced GUI and Bug Fixes
Linux Lite, a popular lightweight Linux distribution aimed at making Linux accessible to beginners, has officially released its Linux Lite 7.4 Final version. This release comes with several incremental updates that improve functionality, address bugs, and refine the user interface, ensuring a smoother experience for users. Although Linux Lite 7.4 is categorized as a minor release, it…
-
Both Haiku and Linux get new FOSS Nvidia drivers
Thanks to Collabora’s work on Zink and NVK… and indirectly to GPU-maker’s FOSS release, too. First seen on theregister.com Jump to article: www.theregister.com/2025/03/28/haiku_linux_foss_nvidia_drivers/
-
Security vulnerabilities in Ubuntu: bypass of user namespace restrictions
The Qualys Threat Research Unit (TRU) has discovered three security vulnerabilities in Ubuntu's user namespace restrictions. They were reported to the Ubuntu security team on January 15, 2025. The vulnerabilities allow attackers to gain administrative privileges within user namespaces and thus to exploit kernel vulnerabilities in a targeted manner. Background on user namespaces in Linux: Linux allows unprivileged users their own namespaces with […]…

