Discord-Based Malware Attacking Orgs' Linux Systems In India
Linux systems are deployed mostly in servers, in the cloud, and in environments that are considered vital; consequently, they are often compromised by attacks from threat actors.
This wide use and deployment of Linux makes...
TeamTNT Hackers Attacking VPS Servers Running CentOS
A notorious hacking group known as TeamTNT has resurfaced with a new campaign targeting Virtual Private Server (VPS) infrastructures running on the CentOS operating system.
The group, known for its cryptojacking activities, has been active...
Hackers Using Supershell Malware To Attack Linux SSH Servers
Supershell is a command-and-control (C2) remote control platform that operates through web services.
It allows users to establish a reverse SSH tunnel, enabling a fully interactive shell session. Recently, ASEC researchers discovered that hackers have...
New Linux Malware Exploiting Oracle Weblogic Servers
Oracle WebLogic Server is an application server that is primarily designed to develop, deploy, and manage enterprise applications based on Java EE and Jakarta EE standards.
It serves as a critical component of Oracle's Fusion...
PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access
Google released a proof-of-concept (PoC) for a critical security vulnerability, identified as CVE-2024-26581, which has been discovered in the Linux kernel and poses significant risks to systems worldwide.
This vulnerability, reported by Google's kCTF...
New Snapekit Rootkit Malware Targeting Arch Linux Users
A rootkit is a type of malicious software that is primarily designed to provide unauthorized access and control over a computer system while hiding its presence.
Rootkits can be difficult to detect and remove as...
How Threat Actors Establish Persistence on Linux Systems – Elastic Security Labs
In a detailed continuation of the Linux Detection Engineering series, Elastic Security's Ruben Groenewoud has released an in-depth exploration of advanced persistence mechanisms used by threat actors on Linux systems.
The technical article published...
Linux Kernel Vulnerability Lets Attackers Bypass CPU & Write on Memory
Researchers uncovered a vulnerability in the Linux kernel's dmam_free_coherent() function, which stems from a race condition caused by the improper order of operations when freeing DMA (Direct Memory Access) allocations and managing associated resources....
New Double-Extortion Ransomware Attacking Linux Machines
Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group.
This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data,...
Play Ransomware Variant Attacking Linux ESXi Servers
Because ESXi servers host multiple virtual machines, which makes them especially attractive to threat actors, a successful breach of these servers could enable threat actors to gain access to a multitude of valuable data and control...