Tag: linux
-
Weaponized pen testers are becoming a new hacker staple
Tags: access, attack, cloud, credentials, defense, google, hacker, iam, intelligence, linux, macOS, malicious, malware, microsoft, open-source, password, penetration-testing, RedTeam, software, strategy, threat, tool, vulnerability, windows
Malicious adaptations of popular red teaming tools like Cobalt Strike and Metasploit are causing substantial disruption, emerging as a dominant strategy in malware campaigns. According to research by threat-hunting firm Elastic, known for its search-powered solutions, these two conventional penetration testing tools were weaponized to account for almost half of all malware activities in 2024. “The most…
-
WolfsBane: Chinese hackers build backdoors into Linux
First seen on security-insider.de Jump to article: www.security-insider.de/neue-linux-backdoor-wolfsbane-cybersecurity-bericht-a-b6f2d35625113cea670df3d992bcc192/
-
Deploy a SOC using Kali Linux in AWS
The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/25/kali-soc-aws/
-
WolfsBane: Gelsemium APT Group’s Linux Backdoor Debut
ESET researchers have unveiled WolfsBane, the Linux counterpart to the Windows-based Gelsevirine backdoor, marking a significant milestone in the evolution of the Gelsemium Advanced Persistent Threat (APT) group. Known for... First seen on securityonline.info Jump to article: securityonline.info/wolfsbane-gelsemiums-linux-backdoor-debut/
-
Security Affairs newsletter Round 499 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyberattack on gambling giant IGT disrupted portions of its IT systems. China-linked APT Gelsemium uses a new Linux…
-
Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/24/week-in-review-0-days-exploited-in-palo-alto-networks-firewalls-two-unknown-linux-backdoors-identified/
-
Public developer spats put bcachefs at risk in Linux
Fisticuffs in FOSS-land! Fancy file system’s future fraught! First seen on theregister.com Jump to article: www.theregister.com/2024/11/22/bcachefs_linux/
-
China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane
China-linked APT Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane in attacks targeting East and Southeast Asia. China-linked APT Gelsemium has deployed a previously unknown Linux backdoor, WolfsBane, in attacks targeting East and Southeast Asia, according to ESET. Victims include entities in Taiwan, the Philippines, and Singapore, as seen in VirusTotal samples from…
-
Novel WolfsBane backdoor leveraged in Chinese attacks against Linux systems
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-wolfsbane-backdoor-leveraged-in-chinese-attacks-against-linux-systems
-
‘Alarming’ security bugs lay low in Linux’s needrestart utility for 10 years
Update now: Qualys says flaws give root to local users, ‘easily exploitable’, default in Ubuntu Server First seen on theregister.com Jump to article: www.theregister.com/2024/11/21/qualys_needrestart_linux_vulnerabilities/
-
Gelsemium hackers: ESET warns of new Linux backdoors
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/gelsemium-hacker-eset-warnung-neuheit-linux-backdoors
-
China-linked hackers target Linux systems with new spying malware
First seen on therecord.media Jump to article: therecord.media/china-hackers-linux-malware-target
-
In Other News: Nvidia Fixes Critical Flaw, Chinese Linux Backdoor, New Details in WhatsApp-NSO Lawsuit
Noteworthy stories that might have slipped under the radar: Nvidia fixes vulnerability with rare ‘critical’ severity, Chinese APT’s first Linux backdoor, new details emerge from the WhatsApp-NSO lawsuit. First seen on securityweek.com Jump to…
-
Chinese APT Gelsemium Deploys ‘Wolfsbane’ Linux Variant
In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apt-gelsemium-wolfsbane-linux-variant
-
Chinese hackers target Linux with new WolfsBane malware
A new Linux backdoor called ‘WolfsBane’ has been discovered, believed to be a port of Windows malware used by the Chinese ‘Gelsemium’ hacking group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-gelsemium-hackers-use-new-wolfsbane-linux-malware/
-
‘Alarming’ security bugs lay low in Linux’s needrestart server utility for 10 years
Update now: Qualys says flaws give root to local users, are ‘easily exploitable’ First seen on theregister.com Jump to article: www.theregister.com/2024/11/21/qualys_ubuntu_server_vulnerabilities/
-
Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That’s according to findings from cybersecurity firm ESET based on multiple Linux samples uploaded to the VirusTotal platform from Taiwan, the Philippines, and Singapore in…
-
Linux Malware WolfsBane and FireWood Linked to Gelsemium APT
New Linux malware WolfsBane and FireWood have been linked to Gelsemium APT, a cyber-espionage group targeting critical systems First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/linux-malware-wolfsbane-firewood/
-
Present for 10 years: Five vulnerabilities grant root privileges on Linux
A tool called Needrestart contains several root vulnerabilities at once that endanger numerous Linux systems, and has done so since April 2014. First seen on golem.de Jump to article: www.golem.de/news/seit-10-jahren-vorhanden-fuenf-linux-luecken-verleihen-angreifern-root-rechte-2411-191003.html
-
Researchers unearth two previously unknown Linux backdoors
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/21/linux-backdoors-wolfsbane-firewood/
-
Helldown Ransomware Attacking VMware ESXi And Linux Servers
Helldown, a new ransomware group, actively exploits vulnerabilities to breach networks. Since August 2024, they have compromised 28 victims, leaking their data on a dedicated website. The ransomware group IS has updated its data leak site, removing three victims, possibly indicating successful ransom payments by continuing its double extortion tactic, stealing and threatening to…
-
Helldown Ransomware Attacking VMware ESX And Linux Servers
Helldown, a new ransomware group, actively exploits vulnerabilities to breach networks. Since August 2024, they have compromised 28 victims, leaking their data on a dedicated website. The ransomware group IS has updated its data leak site, removing three victims, possibly indicating successful ransom payments by continuing its double extortion tactic, stealing and threatening to…
-
Ubuntu Linux impacted by decade-old ‘needrestart’ flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root/
-
Helldown Ransomware Evolves To Target VMware Systems Via Linux
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36617/Helldown-Ransomware-Evolves-To-Target-VMware-Systems-Via-Linux.html
-
Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0
Oracle Linux offers a secure, streamlined platform for deploying and managing applications across on-premises, cloud, and edge environments. Designed for demanding workloads, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/20/oracle-linux-9-update-5/
-
Linux Variant of Helldown Ransomware Targets VMware ESX Servers
Cybersecurity firm Sekoia has discovered a new variant of Helldown ransomware. The article details their tactics and how… First seen on hackread.com Jump to article: hackread.com/helldown-ransomware-linux-variant-vmware-esx-servers/
-
Linux Variant of Helldown Ransomware Targets VMware ESXi Systems
Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/linux-variant-helldown-ransomware-targets-vmware
-
Helldown Ransomware Expands to Target VMware and Linux Systems
Helldown ransomware has expanded its reach to target Linux and VMware systems, exploiting Zyxel firewall vulnerabilities and exfiltrating data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/helldown-ransomware-target-vmware/
-
noexec bypass leaves Linux systems vulnerable to malicious code
First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/noexec-bypass-macht-linux-systeme-anfaellig-fuer-schadcode-302920.html
-
New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems
Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. “Helldown deploys Windows ransomware derived from the LockBit 3.0 code,” Sekoia said in a report shared with The Hacker News. “Given the recent development of ransomware targeting ESX, it…

