PostgreSQL databases under attack 2024-08-21 at 16:16 By Zeljka Zorz Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the threat actor: Creates a new […]
React to this headline:
PostgreSQL databases under attack Read More »
“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox 2024-08-09 at 13:01 By Zeljka Zorz A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability stems from how those popular browsers handle network requests
React to this headline:
“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox Read More »
New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous 2024-08-05 at 16:47 By Eduard Kovacs A new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous. The post New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
React to this headline:
New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous Read More »
Kali Linux 2024.2 released: 18 new tools, countless updates 2024-06-05 at 21:31 By Help Net Security Kali Linux 2024.2 is now available. It includes future package compatibility for 32-bit platforms, improvements to GNOME 46 and Xfce, and 18 new tools. Desktop changes Kali 2024.2 introduces GNOME 46, offering a refined experience that builds on the
React to this headline:
Kali Linux 2024.2 released: 18 new tools, countless updates Read More »
NethSecurity: Open-source Linux firewall 2024-06-03 at 07:31 By Mirko Zorz NethSecurity is a free, open-source Linux firewall that simplifies network security deployment. It integrates various security features into one platform, including firewalling, intrusion detection and prevention, antivirus, multi-WAN, DNS, and content filtering. NethSecurity has an intuitive interface that delivers real-time insights and control over network
React to this headline:
NethSecurity: Open-source Linux firewall Read More »
CISA Warns of Exploited Linux Kernel Vulnerability 2024-05-31 at 14:46 By Ionut Arghire CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation. The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to
React to this headline:
CISA Warns of Exploited Linux Kernel Vulnerability Read More »
Fail2Ban: Ban hosts that cause multiple authentication errors 2024-05-24 at 08:02 By Mirko Zorz Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses for a configurable
React to this headline:
Fail2Ban: Ban hosts that cause multiple authentication errors Read More »
Ebury botnet compromises 400,000+ Linux servers 2024-05-16 at 07:31 By Help Net Security ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of compromised servers in its at least 15-year-long operation. The Ebury group and botnet have been involved
React to this headline:
Ebury botnet compromises 400,000+ Linux servers Read More »
BLint: Open-source tool to check the security properties of your executables 2024-05-14 at 07:31 By Mirko Zorz BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries. BLint features “Several source code analysis
React to this headline:
BLint: Open-source tool to check the security properties of your executables Read More »
Nmap 7.95 released: New OS and service detection signatures 2024-05-10 at 07:31 By Help Net Security Nmap is a free, open-source tool for network discovery and security auditing. It’s valued by systems and network administrators for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap identifies available hosts on a network,
React to this headline:
Nmap 7.95 released: New OS and service detection signatures Read More »
Pktstat: Open-source ethernet interface traffic monitor 2024-05-08 at 07:01 By Mirko Zorz Pktstat is an open-source tool that is a straightforward alternative to ncurses-based Pktstat. On Linux, it utilizes AF_PACKET, while on other platforms, it employs generic PCAP live wire capture. Pktstat is a versatile tool that doesn’t rely on advanced or recent Linux kernel
React to this headline:
Pktstat: Open-source ethernet interface traffic monitor Read More »
Why financial infrastructure needs to be open-source — Hyperledger 2024-04-19 at 13:02 By Cointelegraph by Gareth Jenkinson Governments and major financial institutions are actively building open-source blockchain solutions on the Linux Foundation’s Hyperledger tools. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:
React to this headline:
Why financial infrastructure needs to be open-source — Hyperledger Read More »
XZ Utils backdoor: Detection tools, scripts, rules 2024-04-08 at 16:31 By Zeljka Zorz As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a skilled threat
React to this headline:
XZ Utils backdoor: Detection tools, scripts, rules Read More »
‘WallEscape’ Linux Vulnerability Leaks User Passwords 2024-04-01 at 19:31 By Ionut Arghire A vulnerability in util-linux, a core utilities package in Linux systems, allows attackers to leak user passwords and modify the clipboard. The post ‘WallEscape’ Linux Vulnerability Leaks User Passwords appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View
React to this headline:
‘WallEscape’ Linux Vulnerability Leaks User Passwords Read More »
XZ Utils backdoor update: Which Linux distros are affected and what can you do? 2024-03-31 at 21:01 By Zeljka Zorz The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled the open-source software community on Friday, mere hours until the beginning of
React to this headline:
XZ Utils backdoor update: Which Linux distros are affected and what can you do? Read More »
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) 2024-03-29 at 20:31 By Zeljka Zorz A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,” Red Hat warns.
React to this headline:
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) Read More »
Lynis: Open-source security auditing tool 2024-03-19 at 06:06 By Mirko Zorz Lynis is a comprehensive open-source security auditing tool for UNIX-based systems, including Linux, macOS, and BSD. Hardening with Lynis Lynis conducts a thorough security examination of the system directly. Its main objective is to evaluate security measures and recommend enhancing system hardening. The tool
React to this headline:
Lynis: Open-source security auditing tool Read More »
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware 2024-03-12 at 11:01 By Helga Labus A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connect Secure VPN flaws that are widely
React to this headline:
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware Read More »
Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability 2024-02-07 at 16:31 By Ionut Arghire A critical remote code execution vulnerability in Shim could allow attackers to take over vulnerable Linux systems. The post Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability Read More »
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities 2024-02-01 at 17:31 By Helga Labus The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is
React to this headline:
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities Read More »