A Stealthy Linux Malware Targeting Latin American Financial Sector
Cybersecurity researchers have taken the wraps off what they call a "nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems. Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources …
Linux
New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360's Netlab security team called it B1txor20 "based on its propagation using the file name 'b1t,' the XOR encryption algorithm, and the RC4 algorithm key length of 20 …
New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host. The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical …
Hunting pwnkit (CVE-2021-4034) in Linux
In November 2021, a vulnerability was discovered in a ubiquitous Linux module named Polkit. Developed by Red Hat, Polkit facilitates the communication between privileged and unprivileged processes on Linux endpoints. Due to a flaw in a component of Polkit — pkexec — a local privilege escalation vulnerability exists that, when exploited, will allow a standard user to elevate to …
Kubernetes Container Escape Using Linux Kernel Exploit
On Jan. 18, 2022, researchers found a heap-based buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of the filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions. CVE-2022-0185 …
How to Extract Memory Information to Spot Linux Malware
Threat actors go to great lengths to hide the intentions of the malware they produce. This blog demonstrates reliable methods for extracting information from popular Linux shells. Extracted memory information can help categorize unknown software as malicious or benign and could reveal information to help incident responders. Some malware is only ever resident in memory, so memory …
New Golang-based Linux Malware Targeting eCommerce Websites
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites. "The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms," researchers from Sansec Threat Research said in an analysis. …
Abcbot — A New Evolving Wormable Botnet Malware Targeting Linux
Researchers from Qihoo 360's Netlab security team have released details of a new evolving botnet called "Abcbot" that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest version of the botnet dates back to July 2021, new variants observed as recently …
One-Click Attack Surface in Linux Desktop Environments
The Advanced Research Team at CrowdStrike Intelligence discovered multiple vulnerabilities affecting libvncclient. In some widely used desktop environments, such as GNOME, these vulnerabilities can be triggered in a one-click fashion. Client-side exploitation has become a crucial component of many attackers’ toolkits. In the desktop space, exploiting browsers is …
FinSpy (aka FinFisher) spyware for Windows, macOS, Linux, Android, and iOS
At Kaspersky’s recent Security Analyst Summit, our experts presented a detailed report on FinSpy (aka FinFisher) spyware and its distribution methods, including some previously unknown ones. You can read more about their findings in Securelist’s post. In this article, meanwhile, we explore what kind of malware FinSpy is and how you can protect yourself from it. What is FinSpy …