Tag: linux
-
Secure web browsers for the enterprise compared: How to pick the right one
Tags: access, ai, android, api, attack, browser, business, chrome, cloud, computer, control, corporate, data, encryption, endpoint, fortinet, gartner, google, guide, identity, linux, login, malicious, malware, mfa, mobile, monitoring, network, okta, phishing, saas, service, siem, software, technology, threat, tool, training, vpn, windows, zero-trustEnable MFA at the beginning of any browser session by default.Handle isolation controls both with respect to the user’s session and to isolate any application from cross-infection. This means controlling the movement of data between the browser, your particular endpoint and the web application or applications involved.Control access to web destinations, either to allow or…
-
Attackers Abuse WSL2 to Operate Undetected on Windows Systems
Windows Subsystem for Linux (WSL) has transformed the developer experience on Windows. However, it has also quietly created a powerful hiding place for attackers. With WSL2, Microsoft moved from lightweight translation to a whole virtual machine (VM) model. That architectural change gives adversaries a semi-isolated Linux environment running inside Hyper”‘V that is rarely monitored by…
-
Ready for a newbie-friendly Linux? Mint team officially releases v 22.3, ‘Zena’
Newer kernel, newer Cinnamon, new tools, and even new icons First seen on theregister.com Jump to article: www.theregister.com/2026/01/16/linux_mint_223_zena_officially_release/
-
RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave
Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rondodox-botnet-targets-hpe/
-
Check Point Research: VoidLink Shows Cloud-Native Linux Malware Evolving
Check Point researchers say VoidLink shows how cloud-native Linux malware is evolving with stealthy, modular persistence. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/check-point-research-voidlink-shows-cloud-native-linux-malware-evolving/
-
Sophisticated VoidLink malware framework targets Linux cloud servers
Cloud reconnaissance and adaptability: The malware was designed to detect whether it’s being executed on various cloud platforms such as AWS, GCP, Azure, Alibaba, and Tencent and then to start leveraging those vendors’ management APIs. The code suggests the developers plan to add detections for Huawei, DigitalOcean, and Vultr in the future.The malware collects extensive…
-
New Linux malware targets the cloud, steals creds, and then vanishes
Cloud-native, 37 plugins “¦ an attacker’s dream First seen on theregister.com Jump to article: www.theregister.com/2026/01/14/voidlink_linux_malware/
-
New China Linked VoidLink Linux Malware Targets Major Cloud Providers
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden. First seen on hackread.com Jump to article: hackread.com/china-voidlink-linux-malware-cloud-providers/
-
‘VoidLink’ Malware Poses Advanced Threat to Linux Systems
Researchers discovered a modular, cloud-first framework that is feature-rich and designed to maintain stealthy, long-term access to Linux environments. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/voidlink-malware-advanced-threat-linux-systems
-
Never-before-seen Linux malware is “far more advanced than typical”
VoidLink includes an unusually broad and advanced array of capabilities. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/01/never-before-seen-linux-malware-is-far-more-advanced-than-typical/
-
New VoidLink malware framework targets Linux cloud servers
A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for modern infrastructures. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-voidlink-malware-framework-targets-linux-cloud-servers/
-
Analysis of VoidLink: A Cloud-Native Malware Threat Targeting Linux Systems
A sophisticated Linux malware framework, VoidLink, has been identified by Check Point Research, representing a significant escalation in threats targeting cloud-native environments. The advanced framework, developed by Chinese-affiliated developers, combines custom loaders, implants, rootkits, and over 30 modular plugins specifically engineered to maintain persistent access to Linux systems while evading detection through multiple layers of…
-
Multipurpose GoBruteforcer Botnet Targets 50K+ Linux Servers
Researchers detailed a souped-up version of the GoBruteforcer botnet that preys on servers with weak credentials and AI-generated configurations. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/gobruteforcer-botnet-targets-50k-plus-linux-servers
-
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-malware-framework-linux/
-
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-malware-framework-linux/
-
New Advanced Linux VoidLink Malware Targets Cloud and container Environments
Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that’s specifically designed for long-term, stealthy access to Linux-based cloud environmentsAccording to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modular First seen on thehackernews.com Jump to…
-
Parrot OS shares its 2026 plans for security tools and platform support
Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/13/parrot-os-2026-plans-security-platform-roadmap/
-
Parrot OS shares its 2026 plans for security tools and platform support
Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/13/parrot-os-2026-plans-security-platform-roadmap/
-
<> Modulares Botnetz nutzt Standard-Zugangsdaten für Angriffe auf Webserver
Check Point Research (CPR), die Sicherheitsforschungsabteilung von Check Point Software Technologies, hat eine neue, hochaktive Malware-Kampagne analysiert: GoBruteforcer (auch ‘GoBrut” genannt). Dabei handelt es sich um ein in der Programmiersprache Go (Golang) entwickeltes, modulares Botnetz, das systematisch öffentlich erreichbare Web- und Datenbank-Services angreift darunter FTP, MySQL, PostgreSQL und phpMyAdmin auf Linux-Servern. Die Kampagne nutzt […]…
-
GoBruteforcer Botnet Targets 50K-plus Linux Servers
Researchers detailed a souped-up version of the GoBruteforcer botnet that preys on servers with weak credentials and AI-generated configurations. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/gobruteforcer-botnet-targets-50k-plus-linux-servers
-
NDSS 2025 Mens Sana In Corpore Sano: Sound Firmware Corpora For Vulnerability Research
Session 8C: Hard & Firmware Security Authors, Creators & Presenters: René Helmke (Fraunhofer FKIE), Elmar Padilla (Fraunhofer FKIE, Germany), Nils Aschenbruck (University of Osnabrück) PAPER Mens Sana In Corpore Sano: Sound Firmware Corpora for Vulnerability Research Firmware corpora for vulnerability research should be scientifically sound. Yet, several practical challenges complicate the creation of sound corpora:…
-
Check Point Research enttarnt modulares Botnetz GoBruteforcer
Dabei handelt es sich um ein in der Programmiersprache Go (Golang) entwickeltes, modulares Botnetz, das systematisch öffentlich erreichbare Web- und Datenbank-Services angreift darunter FTP, MySQL, PostgreSQL und phpMyAdmin auf Linux-Servern. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-research-enttarnt-modulares-botnetz-gobruteforcer/a43330/
-
GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials
A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that’s capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers.”The current wave of campaigns is driven by two factors: the mass reuse of AI-generated server deployment examples…
-
Critical InputPlumber Flaw Enables UI Input Injection and DenialService
Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive information, and cause denial-of-service conditions. The flaws, tracked as CVE-2025-66005 and CVE-2025-14338, affect InputPlumber versions before v0.69.0 and stem from inadequate D-Bus authorization checks. CVE ID Description Affected Versions Impact…
-
New China-linked hackers breach telcos using edge device exploits
A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its operations to include organizations in Southeastern Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-china-linked-hackers-breach-telcos-using-edge-device-exploits/
-
GoBruteforcer Botnet Targets Linux Servers
The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gobruteforcer-botnet-linux-servers/
-
The Myth of Linux Invincibility: Why Automated Patch Management is Key to Securing the Open Source Enterprise
Users and developers have hailed Linux as the operating system that >>just works,<< celebrating it for decades as a symbol of open source strength, speed, and security. Linux's architecture and permissions model have long helped maintain cybersecurity resilience, fostering a reputation for near-invincible security. However, without additional layers of security to protect enterprise environments beyond..…
-
China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes
A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe.The activity cluster, which has been active since at least 2022, primarily focuses on extensive technical reconnaissance of target organizations before initiating attacks, ultimately leading to the deployment of malware families such as RushDrop First…
-
50,000 Servers Exposed as GoBruteforcer Scales Brute-Force Attacks
GoBruteforcer is exploiting weak credentials to compromise thousands of exposed Linux servers. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/50000-servers-exposed-as-gobruteforcer-scales-brute-force-attacks/
-
GitLab Patches Multiple Flaws Allowing Arbitrary Code Execution
Linux administrators are being urged to update promptly after disclosures of multiple vulnerabilities in GitLab, including flaws that could enablecross-site scripting, authorization bypass, and denial of service inselfmanagedinstances. The latest patch releases, GitLab 18.7.1, 18.6.3, and 18.5.5, address these security issues alongside several bug fixes and dependency updates, and are already deployed on GitLab.com. GitLab…