Discord-Based Malware Attacking Orgs Linux Systems In India
Linux systems are deployed mostly in servers, in the cloud, and in environments that are considered vital; consequently, they are often compromised by attacks from threat actors.
This wide use and deployment of Linux makes...
New Snapekit Rootkit Malware Targeting Arch Linux Users
A rootkit is a type of malicious software that is primarily designed to provide unauthorized access and control over a computer system while hiding its presence.
They can be difficult to detect and remove as...
How Threat Actors Establish Persistence on Linux Systems – Elastic Security Labs
In a detailed continuation of the Linux Detection Engineering series, Elastic Security's Ruben Groenewoud has released an in-depth exploration of advanced persistence mechanisms used by threat actors on Linux systems.
The technical article published...
Linux Kernal Vulnerability Let Attackers Bypass CPU & Write on Memory
Researchers uncovered a vulnerability in the Linux kernel's dmam_free_coherent() function, which stems from a race condition caused by the improper order of operations when freeing DMA (Direct Memory Access) allocations and managing associated resources....
New Double-Extortion Ransomware Attacking Linux Machines
Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group.
This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data,...
Play Ransomware Variant Attacking Linux ESXi Servers
Since ESXi servers host multiple virtual machines, which attract the threat actors most, a successful breach of these servers could enable threat actors to gain access to a multitude of valuable data and control...
Mallox Ransomware Attacking Linux Servers In Wild – Decryptor Uncovered
Linux servers often provide hosting for critical applications, websites, and databases, which makes them a lucrative target for intruders to get unauthorized access to steal data and manipulate services.
Exploiting security holes in Linux servers...
OpenSSH Critical Vulnerability Exposes Millions of Linux Servers to Arbitrary Code Attacks
A critical vulnerability has been discovered in OpenSSH, a widely used implementation of the SSH protocol, which could potentially expose millions of Linux systems to arbitrary code execution attacks.
The flaw, identified in the...
New Linux Variant Of RansomHub Attacking ESXi Systems
Hackers often attack ESXi systems, as they are widely used in enterprise environments to manage virtualized infrastructure, making them lucrative targets.
Threat actors can exploit security flaws in ESXi to deploy ransomware and perform other...
PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access
Google Released a Proof-of-Concept (PoC) for a critical security vulnerability, identified as CVE-2024-26581, which has been discovered in the Linux kernel and poses significant risks to systems worldwide.
This vulnerability, reported by Google's kCTF...