Linux

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, PoC, Qualys, Red Hat, security update, Ubuntu, vulnerability /

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) 05/10/2023 at 16:17 By Zeljka Zorz A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability […]

React to this headline:

Loading spinner

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) Read More »

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions

Linux, Vulnerabilities /

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions 04/10/2023 at 16:16 By Ionut Arghire A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges. The post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr /

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

React to this headline:

Loading spinner

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management /

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

React to this headline:

Loading spinner

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Atlas VPN zero-day allows sites to discover users’ IP address

0-day, Don't miss, exploit, Hot stuff, Linux, News, VPN, vulnerability /

Atlas VPN zero-day allows sites to discover users’ IP address 05/09/2023 at 20:47 By Zeljka Zorz Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address. Details about this zero-day vulnerability as well as exploit code have been publicly released on Reddit several

React to this headline:

Loading spinner

Atlas VPN zero-day allows sites to discover users’ IP address Read More »

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing /

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! 24/08/2023 at 09:32 By Help Net Security Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.3 Besides updates to current tools, new versions of Kali typically introduce

React to this headline:

Loading spinner

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! Read More »

UAC: Live response collection script for incident response

DFIR, GitHub, Incident Response, Linux, News, open source, software, Unix /

UAC: Live response collection script for incident response 27/07/2023 at 05:33 By Help Net Security Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD, and Solaris systems artifacts. It

React to this headline:

Loading spinner

UAC: Live response collection script for incident response Read More »

July 2023 Patch Tuesday forecast: A month of instability and uncertainty

Adobe, Adobe Acrobat, apple, Cisco, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Linux, Malwarebytes, Microsoft, Mozilla, News, Oracle, Patch Tuesday /

July 2023 Patch Tuesday forecast: A month of instability and uncertainty 07/07/2023 at 12:17 By Help Net Security We’re halfway through 2023 already and moving into our seventh Patch Tuesday of the year next week. There’s been a lot of activity with Microsoft this month which may impact updates we’ll see. But first taking a

React to this headline:

Loading spinner

July 2023 Patch Tuesday forecast: A month of instability and uncertainty Read More »

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels

ARCrypt, ChileLocker, Go, Linux, Ransomware, Windows /

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels 06/07/2023 at 19:01 By cybleinc CRIL analyses an updated version of ARCrypt ransomware and an unconventional communication method attackers use. The post ARCrypt Ransomware Evolves with Multiple TOR Communication Channels appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this

React to this headline:

Loading spinner

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels Read More »

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs

kernel, Linux, StackRot, Vulnerabilities, vulnerability /

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs 06/07/2023 at 14:46 By Eduard Kovacs A new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs. The post StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs Read More »

Akira Ransomware Extends Reach to Linux Platform

AES, Akira Ransomware, Banking, BFSI, CAMELLIA, DES, education, Financial Services, IDEA-CB, Insurance, Linux, Linux Executable and Linkable Format, Manufacturing, Professional Services, Ransom note, Ransomware, United States /

Akira Ransomware Extends Reach to Linux Platform 28/06/2023 at 11:17 By cybleinc Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors. The post Akira Ransomware Extends Reach to Linux Platform appeared first on Cyble. This article is an excerpt from Cyble View Original Source React

React to this headline:

Loading spinner

Akira Ransomware Extends Reach to Linux Platform Read More »

Compromised Linux SSH servers engage in DDoS attacks, cryptomining

AhnLab, backdoor, bot, DDoS, Don't miss, Hot stuff, Linux, Malware, News /

Compromised Linux SSH servers engage in DDoS attacks, cryptomining 20/06/2023 at 13:36 By Helga Labus Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot

React to this headline:

Loading spinner

Compromised Linux SSH servers engage in DDoS attacks, cryptomining Read More »

Malicious Tools in the Underground: Investigating their Propagation

AES, apple, Atomic, Binance, C, Chrome, Chromium, Coinbase, Coinomi, Cryptocurrency, darkweb, DDoS, Delphi, DMG, Exodus, Keplr, Keylogging, Linux, LummaC2 Stealer, MaaS, macOS, Malware, Martian, Meduza, MetaMask, Mozilla, Phantom, PKG, RaaS, RSA, Russian, SaaS, ShadowVault, Telegram, Threat Intelligence, Trigona, Tron Link, Trust, Windows /

Malicious Tools in the Underground: Investigating their Propagation 16/06/2023 at 19:04 By cybleinc Cyble Research & Intelligence Labs investigates the recent promulgation of Malicious Tools in underground forums. The post Malicious Tools in the Underground: Investigating their Propagation appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this

React to this headline:

Loading spinner

Malicious Tools in the Underground: Investigating their Propagation Read More »

Evasive NoEscape Ransomware Uses Reflective DLL Injection

8Base Ransomware, ChaCha20, CryptoAPI, cybercrime, ESXi servers, Linux, Linux Variant, Malware, Microsoft Visual C/C++, NoEscape Ransomware, RaaS, Ransomware, SQL, Threat Actors, Twitter, Vmware Converter, Windows 7, Windows XP /

Evasive NoEscape Ransomware Uses Reflective DLL Injection 04/06/2023 at 21:21 By cybleinc Cyble Research and Intelligence Labs analyzes the NoEscape Ransomware-as-a-Service platform and explains how it targets VMware ESXi servers. The post Evasive NoEscape Ransomware Uses Reflective DLL Injection appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to

React to this headline:

Loading spinner

Evasive NoEscape Ransomware Uses Reflective DLL Injection Read More »

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, Offensive Security, open source, penetration testing /

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! 31/05/2023 at 10:29 By Zeljka Zorz Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform. New tools in Kali Linux 2023.2 Aside from updates for existing tools, a new

React to this headline:

Loading spinner

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! Read More »

New Buhti ransomware uses leaked payloads and public exploits

cybercrime, Don't miss, Hot stuff, Linux, Malware, News, Ransomware, Symantec, Windows /

New Buhti ransomware uses leaked payloads and public exploits 26/05/2023 at 08:09 By Helga Labus A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of public exploits One notable aspect of the attackers leveraging the Buhti ransomware is their

React to this headline:

Loading spinner

New Buhti ransomware uses leaked payloads and public exploits Read More »

BlackSuit Ransomware Strikes Windows and Linux Users

BlackSuit, cybercrime, Cylance, darkweb, data breach, Linux, Malware, Ransomware, Royal Ransomware, Threat Intelligence, Unit 42, VMWare, Windows /

BlackSuit Ransomware Strikes Windows and Linux Users 12/05/2023 at 17:02 By cybleinc Cyble Research & Intelligence Labs analyzes a new ransomware named BlackSuit which can target Windows and Linux operating systems. The post BlackSuit Ransomware Strikes Windows and Linux Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source React

React to this headline:

Loading spinner

BlackSuit Ransomware Strikes Windows and Linux Users Read More »

Scroll to Top