Apr 15, 2025Ravie LakshmananLinux / Malware The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save … [Read more...] about Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
Linux
Protecting Android, Windows, and Linux devices against being tracked via the Find My network
AirTags are a popular tracking device used by anyone from forgetful key owners to those with malicious intent, such as jealous spouses and car thieves. Using AirTags for spying is simple: a tag is discreetly placed on the target to allow their movements to be conveniently monitored using Apple Find My. We’ve even added protection from AirTag-based tracking to our products for … [Read more...] about Protecting Android, Windows, and Linux devices against being tracked via the Find My network
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that's capable of infecting both Windows and Apple systems with an aim to harvest data. It was first … [Read more...] about LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Installing Falcon Sensor for Linux
Summary In this resource you will learn how to quickly and easily install the Falcon Sensor for Linux. The Problem Deploying cybersecurity shouldn’t be difficult. Many security tools on the market today still require reboots or complex deployment that impact your business operations. The Value of the CrowdStrike Falcon Platform CrowdStrike’s Falcon sensor is simple to deploy … [Read more...] about Installing Falcon Sensor for Linux
New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers
Aug 07, 2024Ravie LakshmananLinux / Vulnerability Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory read-and-write primitive. "Initially, it exploits a timing side-channel of the allocator to perform a cross-cache attack reliably," a … [Read more...] about New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers
Tracing Linux: A file integrity monitoring use case
In the current landscape of tracing Linux, eBPF emerges as the de-facto solution to implement FIM, facilitating real-time kernel event instrumentation with extensive detail delivered to user space. However, tracing file events with user information on older Linux kernels proves more complex than initially perceived. In such scenarios, eBPF is not always the straightforward … [Read more...] about Tracing Linux: A file integrity monitoring use case
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Apr 02, 2024NewsroomFirmware Security / Vulnerability The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when … [Read more...] about Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
Mar 30, 2024NewsroomLinux / Supply Chain Attack Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of … [Read more...] about Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Feb 29, 2024NewsroomLinux / Network Security Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. GPRS roaming allows subscribers to … [Read more...] about GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros
Feb 07, 2024NewsroomDevice Security / Vulnerability The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the … [Read more...] about Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros