GNU C Library Vulnerability Leads to Full Root Access 2024-01-31 at 19:47 By Ionut Arghire Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library (glibc) that allows full root access to a system. The post GNU C Library Vulnerability Leads to Full Root Access appeared first on SecurityWeek. This article is […]
React to this headline:
GNU C Library Vulnerability Leads to Full Root Access Read More »
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations 2024-01-16 at 06:31 By Mirko Zorz Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities.
React to this headline:
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations Read More »
AuthLogParser: Open-source tool for analyzing Linux authentication logs 2024-01-08 at 07:31 By Mirko Zorz AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs (auth.log). The tool examines the auth.log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others. It
React to this headline:
AuthLogParser: Open-source tool for analyzing Linux authentication logs Read More »
Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more! 05/12/2023 at 21:31 By Zeljka Zorz OffSec (previously Offensive Security) has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.4 The list of tools freshly added to Kali Linux includes:
React to this headline:
Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more! Read More »
Apache ActiveMQ bug exploited to deliver Kinsing malware 21/11/2023 at 15:02 By Helga Labus Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services
React to this headline:
Apache ActiveMQ bug exploited to deliver Kinsing malware Read More »
Looney Tunables bug exploited for cryptojacking 07/11/2023 at 12:46 By Helga Labus Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications
React to this headline:
Looney Tunables bug exploited for cryptojacking Read More »
‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 06/11/2023 at 17:06 By Eduard Kovacs Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group. The post ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
React to this headline:
‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks Read More »
BiBi-Linux wiper targets Israeli companies 31/10/2023 at 15:01 By Helga Labus Attackers have started using new wiper malware called BiBi-Linux to attack Israeli companies and destroy their data. The BiBi-Linux wiper The Security Joes Incident Response team found the malware during a forensics investigation of a breach within an Israeli company. “This malware is an
React to this headline:
BiBi-Linux wiper targets Israeli companies Read More »
From Windows 9x to 11: Tracing Microsoft’s security evolution 31/10/2023 at 09:01 By Mirko Zorz Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for future developments. In this Help Net Security interview, we feature security researcher Alex
React to this headline:
From Windows 9x to 11: Tracing Microsoft’s security evolution Read More »
10 essential cybersecurity cheat sheets available for free 18/10/2023 at 07:02 By Help Net Security Cheat sheets are concise, to-the-point references tailored for instant insights. This article provides a curated list of 10 essential cybersecurity cheat sheets, all free to download. Whether you’re seeking a quick refresher or a beginner trying to make sense of
React to this headline:
10 essential cybersecurity cheat sheets available for free Read More »
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) 11/10/2023 at 13:31 By Zeljka Zorz Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. Preparation for the security updates A little over a
React to this headline:
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) Read More »
One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems 10/10/2023 at 17:02 By Eduard Kovacs A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems. The post One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems appeared first on SecurityWeek. This article is
React to this headline:
One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems Read More »
GNOME users at risk of RCE attack (CVE-2023-43641) 10/10/2023 at 14:32 By Zeljka Zorz If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library. About CVE-2023-43641 Discovered by GitHub security researcher Kevin Backhouse,
React to this headline:
GNOME users at risk of RCE attack (CVE-2023-43641) Read More »
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) 05/10/2023 at 16:17 By Zeljka Zorz A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability
React to this headline:
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) Read More »
Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions 04/10/2023 at 16:16 By Ionut Arghire A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges. The post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions Read More »
Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three
React to this headline:
Critical zero-days in Exim revealed, only 3 have been fixed Read More »
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,
React to this headline:
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »
Atlas VPN zero-day allows sites to discover users’ IP address 05/09/2023 at 20:47 By Zeljka Zorz Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address. Details about this zero-day vulnerability as well as exploit code have been publicly released on Reddit several
React to this headline:
Atlas VPN zero-day allows sites to discover users’ IP address Read More »
Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! 24/08/2023 at 09:32 By Help Net Security Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.3 Besides updates to current tools, new versions of Kali typically introduce
React to this headline:
Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! Read More »
UAC: Live response collection script for incident response 27/07/2023 at 05:33 By Help Net Security Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD, and Solaris systems artifacts. It
React to this headline:
UAC: Live response collection script for incident response Read More »