Threats & Malware, Virus & Malware
March 4, 2024
Via: Security AffairsPalo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain. The Bifrost RAT has been active since 2004, it allows its operators […]
Threats & Malware, Virus & Malware
December 6, 2023
Via: The RegisterA years-old Bluetooth authentication bypass vulnerability allows miscreants to connect to Apple, Android and Linux devices and inject keystrokes to run arbitrary commands, according to a software engineer at drone technology firm SkySafe. The bug, tracked as CVE-2023-45866, doesn’t require […]
Threats & Malware, Vulnerabilities
October 5, 2023
Via: Help Net SecurityA vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability in […]
Threats & Malware, Virus & Malware
September 18, 2023
Via: The RegisterAs cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS platform, but not necessarily the ones you might think. Researchers from […]
Threats & Malware, Virus & Malware
August 7, 2023
Via: The Hacker NewsVulnerable Redis services have been targeted by a “new, improved, dangerous” variant of a malware called SkidMap that’s engineered to target a wide range of Linux distributions. “The malicious nature of this malware is to adapt to the system on […]
Threats & Malware, Vulnerabilities
July 27, 2023
Via: The Hacker NewsCybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the […]
Threats & Malware, Virus & Malware
July 20, 2023
Via: The Hacker NewsCybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. “P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than […]
Threats & Malware, Virus & Malware
July 13, 2023
Via: The Hacker NewsIn a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a “crafty” persistence method. “In this instance, the PoC is a wolf in […]
June 16, 2023
Via: The Hacker NewsThe threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor’s capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via […]
May 15, 2023
Via: The Hacker NewsA new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike […]
Application security, Security
May 12, 2023
Via: The Hacker NewsA previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. “BPFDoor retains its reputation as an extremely stealthy and […]
April 27, 2023
Via: The Hacker NewsThe threat actors behind RTM Locker have developed a ransomware strain that’s capable of targeting Linux machines, marking the group’s first foray into the open source operating system. “Its locker ransomware infects Linux, NAS, and ESXi hosts and appears to […]
April 10, 2023
Via: The Hacker NewsOver one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. The massive campaign, per GoDaddy’s Sucuri, “leverages all known and recently discovered theme and plugin vulnerabilities” to […]
Threats & Malware, Vulnerabilities
March 30, 2023
Via: The Hacker NewsA group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming […]
Threats & Malware, Virus & Malware
March 21, 2023
Via: The Hacker NewsPoorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. “ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC […]
Threats & Malware, Virus & Malware
February 17, 2023
Via: The Hacker NewsA new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto […]
February 7, 2023
Via: Security WeekCl0p has been one of the most active ransomware families over the past several years, targeting numerous private and public organizations globally, in sectors such as aerospace, energy, education, finance, high-tech, healthcare, manufacturing, telecoms, and transportation and logistics. In November […]
Threats & Malware, Vulnerabilities
January 13, 2023
Via: CSO OnlineIn December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, the company released more details about a sophisticated malware implant that […]
Threats & Malware, Virus & Malware
January 4, 2023
Via: The Hacker NewsA new Linux malware developed using the shell script compiler (shc) has been observed deploying a cryptocurrency miner on compromised systems. “It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware […]
Threats & Malware, Virus & Malware
December 12, 2022
Via: The Hacker NewsA cryptocurrency mining attack targeting the Linux operating system also involved the use of an open source remote access trojan (RAT) dubbed CHAOS. The threat, which was spotted by Trend Micro in November 2022, remains virtually unchanged in all other […]