SIEM as a Service
Discord-Based Malware Attacking Orgs Linux Systems In India

Discord-Based Malware Attacking Orgs Linux Systems In India

Linux systems are deployed mostly in servers, in the cloud, and in environments that are considered vital; consequently, they are often compromised by attacks from threat actors. This wide use and deployment of Linux makes...
TeamTNT Hackers Attacking VPS Servers Running CentOS

TeamTNT Hackers Attacking VPS Servers Running CentOS

A notorious hacking group known as TeamTNT has resurfaced with a new campaign targeting Virtual Private Server (VPS) infrastructures running on the CentOS operating system. The group, known for its cryptojacking activities, has been active...
Hackers Using Supershell Malware To Attack Linux SSH Servers

Hackers Using Supershell Malware To Attack Linux SSH Servers

Supershell is a command-and-control (C2) remote control platform that operates through web services. It allows users to establish a reverse SSH tunnel, enabling a fully interactive shell session. Recently, ASEC researchers discovered that hackers have...
New Linux Malware Exploiting Oracle Weblogic Servers

New Linux Malware Exploiting Oracle Weblogic Servers

Oracle WebLogic Server is an application server that is primarily designed to develop, deploy, and manage enterprise applications based on Java EE and Jakarta EE standards. It serves as a critical component of Oracle's Fusion...
PoC Exploit Released for Linux Kernel Vulnerability

PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access

Google Released a Proof-of-Concept (PoC) for a critical security vulnerability, identified as CVE-2024-26581, which has been discovered in the Linux kernel and poses significant risks to systems worldwide. This vulnerability, reported by Google's kCTF...
New Sophisticated Rootkit Targeting Arch Linux

New Snapekit Rootkit Malware Targeting Arch Linux Users

A rootkit is a type of malicious software that is primarily designed to provide unauthorized access and control over a computer system while hiding its presence. They can be difficult to detect and remove as...
How Threat Actors Establish Persistence on Linux Systems – Elastic Security Labs

How Threat Actors Establish Persistence on Linux Systems – Elastic Security Labs

In a detailed continuation of the Linux Detection Engineering series, Elastic Security's Ruben Groenewoud has released an in-depth exploration of advanced persistence mechanisms used by threat actors on Linux systems. The technical article published...
Linux Kernal Vulnerability Let Attackers Bypass CPU & Write on Memory

Linux Kernal Vulnerability Let Attackers Bypass CPU & Write on Memory

Researchers uncovered a vulnerability in the Linux kernel's dmam_free_coherent() function, which stems from a race condition caused by the improper order of operations when freeing DMA (Direct Memory Access) allocations and managing associated resources....
Linux ransomare

New Double-Extortion Ransomware Attacking Linux Machines

Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group. This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data,...
Play Ransomware’s Linux Variant Attacking ESXi Servers

Play Ransomware Variant Attacking Linux ESXi Servers

Since ESXi servers host multiple virtual machines, which attract the threat actors most, a successful breach of these servers could enable threat actors to gain access to a multitude of valuable data and control...
SIEM as a Service

Recent Posts