Discord-Based Malware Attacking Orgs Linux Systems In India

Linux systems are deployed mostly in servers, in the cloud, and in environments that are considered vital; consequently, they are often compromised by attacks from threat actors. This wide use and deployment of Linux makes...
New Snapekit Rootkit Malware Targeting Arch Linux Users

A rootkit is a type of malicious software that is primarily designed to provide unauthorized access to and control over a computer system while hiding its own presence. Rootkits can be difficult to detect and remove as...
How Threat Actors Establish Persistence on Linux Systems – Elastic Security Labs

In a detailed continuation of the Linux Detection Engineering series, Elastic Security's Ruben Groenewoud has released an in-depth exploration of advanced persistence mechanisms used by threat actors on Linux systems. The technical article published...
Linux Kernel Vulnerability Let Attackers Bypass CPU & Write on Memory

Researchers uncovered a vulnerability in the Linux kernel's dmam_free_coherent() function, which stems from a race condition caused by the improper order of operations when freeing DMA (Direct Memory Access) allocations and managing associated resources....
New Double-Extortion Ransomware Attacking Linux Machines

Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group. This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data,...
Play Ransomware Variant Attacking Linux ESXi Servers

Since ESXi servers host multiple virtual machines, which makes them especially attractive to threat actors, a successful breach of these servers could enable threat actors to gain access to a multitude of valuable data and control...
Mallox Ransomware Attacking Linux Servers In Wild – Decryptor Uncovered

Linux servers often host critical applications, websites, and databases, which makes them a lucrative target for intruders seeking unauthorized access to steal data and manipulate services. Exploiting security holes in Linux servers...
OpenSSH Critical Vulnerability Exposes Millions of Linux Servers to Arbitrary Code Attacks

A critical vulnerability has been discovered in OpenSSH, a widely used implementation of the SSH protocol, which could potentially expose millions of Linux systems to arbitrary code execution attacks. The flaw, identified in the...
New Linux Variant Of RansomHub Attacking ESXi Systems

Hackers often attack ESXi systems, as they are widely used in enterprise environments to manage virtualized infrastructure, making them lucrative targets. Threat actors can exploit security flaws in ESXi to deploy ransomware and perform other...
PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access

Google released a Proof-of-Concept (PoC) for a critical security vulnerability, identified as CVE-2024-26581, which has been discovered in the Linux kernel and poses significant risks to systems worldwide. This vulnerability, reported by Google's kCTF...
Recent Posts

Microsoft Accidentally Allows Unprivileged Users to Change Their User Principal Names...

Microsoft has allowed unprivileged users to update their own User Principal Names (UPNs) in Entra ID, sparking concerns over security and administrative oversight. To...