Linux

Looney Tunables bug exploited for cryptojacking

Aqua Security, cloud computing, cryptojacking, Don't miss, exploit, Hot stuff, Linux, News, vulnerability /

Looney Tunables bug exploited for cryptojacking 07/11/2023 at 12:46 By Helga Labus Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications […]

Looney Tunables bug exploited for cryptojacking Read More »

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 

Cloud, cloud security, exploited, Featured, Linux /

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  06/11/2023 at 17:06 By Eduard Kovacs Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group.  The post ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  Read More »

BiBi-Linux wiper targets Israeli companies

Don't miss, Hacktivism, Hot stuff, Israel, Linux, Malware, News, Security Joes /

BiBi-Linux wiper targets Israeli companies 31/10/2023 at 15:01 By Helga Labus Attackers have started using new wiper malware called BiBi-Linux to attack Israeli companies and destroy their data. The BiBi-Linux wiper The Security Joes Incident Response team found the malware during a forensics investigation of a breach within an Israeli company. “This malware is an

BiBi-Linux wiper targets Israeli companies Read More »

From Windows 9x to 11: Tracing Microsoft’s security evolution

CISA, CISO, cybersecurity, Don't miss, Features, Hot stuff, Linux, macOS, Microsoft, News, opinion, strategy, Tenable, Windows /

From Windows 9x to 11: Tracing Microsoft’s security evolution 31/10/2023 at 09:01 By Mirko Zorz Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for future developments. In this Help Net Security interview, we feature security researcher Alex

From Windows 9x to 11: Tracing Microsoft’s security evolution Read More »

10 essential cybersecurity cheat sheets available for free

cloud security, cybersecurity, Don't miss, guide, Hot stuff, Incident Response, Linux, News, skill development, strategy, tips, Windows /

10 essential cybersecurity cheat sheets available for free 18/10/2023 at 07:02 By Help Net Security Cheat sheets are concise, to-the-point references tailored for instant insights. This article provides a curated list of 10 essential cybersecurity cheat sheets, all free to download. Whether you’re seeking a quick refresher or a beginner trying to make sense of

10 essential cybersecurity cheat sheets available for free Read More »

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

containers, Debian, Don't miss, Hot stuff, IoT, Linux, News, open source, patching, Red Hat, security update, Ubuntu, vulnerability /

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) 11/10/2023 at 13:31 By Zeljka Zorz Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. Preparation for the security updates A little over a

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) Read More »

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems

GNOME, Linux, Vulnerabilities /

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems 10/10/2023 at 17:02 By Eduard Kovacs A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems. The post One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems appeared first on SecurityWeek. This article is

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems Read More »

GNOME users at risk of RCE attack (CVE-2023-43641)

Debian, Don't miss, Fedora, GitHub, Hot stuff, Linux, News, open source, Red Hat, SUSE, Ubuntu, vulnerability, vulnerability disclosure /

GNOME users at risk of RCE attack (CVE-2023-43641) 10/10/2023 at 14:32 By Zeljka Zorz If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library. About CVE-2023-43641 Discovered by GitHub security researcher Kevin Backhouse,

GNOME users at risk of RCE attack (CVE-2023-43641) Read More »

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, PoC, Qualys, Red Hat, security update, Ubuntu, vulnerability /

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) 05/10/2023 at 16:17 By Zeljka Zorz A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) Read More »

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions

Linux, Vulnerabilities /

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions 04/10/2023 at 16:16 By Ionut Arghire A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges. The post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions appeared first on SecurityWeek. This article is an excerpt

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr /

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management /

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Atlas VPN zero-day allows sites to discover users’ IP address

0-day, Don't miss, exploit, Hot stuff, Linux, News, VPN, vulnerability /

Atlas VPN zero-day allows sites to discover users’ IP address 05/09/2023 at 20:47 By Zeljka Zorz Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address. Details about this zero-day vulnerability as well as exploit code have been publicly released on Reddit several

Atlas VPN zero-day allows sites to discover users’ IP address Read More »

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing /

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! 24/08/2023 at 09:32 By Help Net Security Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.3 Besides updates to current tools, new versions of Kali typically introduce

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more! Read More »

UAC: Live response collection script for incident response

DFIR, GitHub, Incident Response, Linux, News, open source, software, Unix /

UAC: Live response collection script for incident response 27/07/2023 at 05:33 By Help Net Security Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD, and Solaris systems artifacts. It

UAC: Live response collection script for incident response Read More »

July 2023 Patch Tuesday forecast: A month of instability and uncertainty

Adobe, Adobe Acrobat, apple, Cisco, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Linux, Malwarebytes, Microsoft, Mozilla, News, Oracle, Patch Tuesday /

July 2023 Patch Tuesday forecast: A month of instability and uncertainty 07/07/2023 at 12:17 By Help Net Security We’re halfway through 2023 already and moving into our seventh Patch Tuesday of the year next week. There’s been a lot of activity with Microsoft this month which may impact updates we’ll see. But first taking a

July 2023 Patch Tuesday forecast: A month of instability and uncertainty Read More »

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels

ARCrypt, ChileLocker, Go, Linux, Ransomware, Windows /

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels 06/07/2023 at 19:01 By cybleinc CRIL analyses an updated version of ARCrypt ransomware and an unconventional communication method attackers use. The post ARCrypt Ransomware Evolves with Multiple TOR Communication Channels appeared first on Cyble. This article is an excerpt from Cyble View Original Source

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels Read More »

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs

kernel, Linux, StackRot, Vulnerabilities, vulnerability /

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs 06/07/2023 at 14:46 By Eduard Kovacs A new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs. The post StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs Read More »

Akira Ransomware Extends Reach to Linux Platform

AES, Akira Ransomware, Banking, BFSI, CAMELLIA, DES, education, Financial Services, IDEA-CB, Insurance, Linux, Linux Executable and Linkable Format, Manufacturing, Professional Services, Ransom note, Ransomware, United States /

Akira Ransomware Extends Reach to Linux Platform 28/06/2023 at 11:17 By cybleinc Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors. The post Akira Ransomware Extends Reach to Linux Platform appeared first on Cyble. This article is an excerpt from Cyble View Original Source

Akira Ransomware Extends Reach to Linux Platform Read More »

Compromised Linux SSH servers engage in DDoS attacks, cryptomining

AhnLab, backdoor, bot, DDoS, Don't miss, Hot stuff, Linux, Malware, News /

Compromised Linux SSH servers engage in DDoS attacks, cryptomining 20/06/2023 at 13:36 By Helga Labus Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot

Compromised Linux SSH servers engage in DDoS attacks, cryptomining Read More »

Scroll to Top