Tag: linux
-
First-ever Linux UEFI bootkit turns out to be research project
in SecurityNews
Tags: antivirus, attack, authentication, awareness, computer, conference, cybersecurity, firmware, linux, malicious, malware, microsoft, risk, software, technology, threat, training, update, windows
Bootkitty, a recently discovered boot-level UEFI rootkit for Linux, was evidently created by students participating in a cybersecurity training program at the South Korean Information Technology Research Institute (KITRI). The bootkit, found and analyzed by researchers from antivirus vendor ESET last week, showed signs of being a proof of concept rather than production-ready malware. Nevertheless, the…
-
‘Bootkitty’ First Bootloader to Take Aim at Linux
in SecurityNews
Though it’s still just a proof of concept, the malware is functional and can evade the Secure Boot process on devices from multiple vendors.
First seen on darkreading.com
Jump to article: www.darkreading.com/cyber-risk/bootkitty-first-bootloader-target-linux-systems
-
UEFI bootkit Bootkitty for Linux is apparently a university project from South Korea
in SecurityNews
Tags: linux
Several security researchers have examined the prototype and found some interesting things. Bootkitty also uses the LogoFail vulnerability to establish itself in the system.
First seen on heise.de
Jump to article: www.heise.de/news/Bootkitty-Prototyp-eines-Linux-UEFI-Rootkits-ist-koreanisches-Uni-Projekt-10182420.html
-
Discover the future of Linux security
in SecurityNews
Explore open source strategies to safeguard critical systems and data
First seen on theregister.com
Jump to article: www.theregister.com/2024/12/02/discover_the_future_of_linux/
-
BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws
in SecurityNews
The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. Cybersecurity researchers from ESET recently discovered the first UEFI bootkit designed to target Linux systems, called by its authors Bootkitty. The bootkit allows attackers to disable the kernel’s signature verification feature and to preload two as yet unknown ELF…
-
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications
in SecurityNews
APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
-
Just Like Windows: Linux Targeted by First-Ever UEFI Bootkit – UPDATED
in SecurityNews
Linux-Targeting Bootkitty Appears More Proof-of-Concept Than Threat, Researchers Say. Cybersecurity researchers have discovered the first-ever UEFI bootkit designed to target Linux systems and subvert their boot process for malicious purposes. The Bootkitty malware, first uploaded to VirusTotal this month, appears to be more proof of concept than full-fledged threat, they said.
First seen on govinfosecurity.com…
-
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
in SecurityNews
The recently uncovered ‘Bootkitty’ UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka ‘LogoFAIL,’ to infect computers running on a vulnerable UEFI firmware.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/bootkitty-uefi-malware-exploits-logofail-to-infect-linux-systems/
-
Linux 6.13-rc1 Released: What’s New!
in SecurityNews
In a recent announcement, Linus Torvalds, the creator of Linux, officially released the first release candidate (RC1) for Linux kernel version 6.13. This release marks the end of the merge window, and for the first time in recent memory, the release cycle timing aligns favorably with the holiday season, offering developers a chance to breathe…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 22
in SecurityNews
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations PyPI Python Library >>aiocpa
-
Veeam promotes data freedom and supports Oracle Linux Virtualization Manager
in SecurityNews
With the new support for Oracle Linux Virtualization Manager, users can achieve comprehensive protection at scale while…
First seen on infopoint-security.de
Jump to article: www.infopoint-security.de/veeam-foerdert-datenfreiheit-und-unterstuetzt-oracle-linux-virtualization-manager/a37115/
-
Check Point highlights vulnerabilities in the Linux CUPS system
in SecurityNews
Check Point's customers are protected by CloudGuard, in particular against remote code execution (RCE) via the vulnerability CVE-2024-47176…
First seen on infopoint-security.de
Jump to article: www.infopoint-security.de/check-point-zeigt-schwachstellen-im-linux-cups-system-auf/a38580/
-
FYSA Critical RCE Flaw in GNU-Linux Systems
in SecurityNews
Summary: A severe, unauthenticated remote code execution (RCE) flaw has been discovered in GNU Linux systems. The vulnerability, rated CVSS 9.9, affect…
First seen on securityintelligence.com
Jump to article: securityintelligence.com/news/fysa-critical-rce-flaw-in-gnu-linux-systems/
-
DISGOMOJI: New Linux malware is controlled via emoji
in SecurityNews
A new Linux malware named DISGOMOJI uses emojis to execute commands on infected devices. The malware was discovered on Indian…
First seen on 8com.de
Jump to article: www.8com.de/cyber-security-blog/disgomoji-neue-linux-malware-wird-per-emoji-gesteuert
-
Linux news of the week – Ubuntu 24.10, Space Marine 2 on Linux, AMD's 3D V-Cache
in SecurityNews
Tags: linux
First seen on computerbase.de
Jump to article: www.computerbase.de/news/betriebssysteme/linux-news-der-woche-ubuntu-24-10-space-marine-2-auf-linux-amds-3d-v-cache.89954
-
File Transfer Cheatsheet: Windows and Linux
in SecurityNews
File transfer is a crucial step in the post-exploitation scenario while performing penetration testing or red teaming. There are various ways to do th…
First seen on hackingarticles.in
Jump to article: www.hackingarticles.in/file-transfer-cheatsheet-windows-and-linux/
-
OSINT : User Privacy in Linux
in SecurityNews
Linux telemetry involves gathering and sending data from a Linux-based system to an external server or service. The purpose of this process is often t…
First seen on hackingarticles.in
Jump to article: www.hackingarticles.in/osint-user-privacy-in-linux/
-
Oramfs: Resizable ORAM, Remote Storage Agnostic, Written in Rust
in SecurityNews
Today we are excited to release oramfs, a simple, flexible, Free Software ORAM implementation for Linux written in Rust. It is designed to support dif…
First seen on research.kudelskisecurity.com
Jump to article: research.kudelskisecurity.com/2021/06/30/oramfs-resizable-oram-remote-storage-agnostic-written-in-rust/
-
PwnKit: Local Privilege Escalation (LPE) in Polkit’s pkexec (CVE-2021-4034)
in SecurityNews
Summary: On January 25, researchers at Qualys disclosed a high severity local privilege escalation (LPE) vulnerability affecting Linux’s policy kits (P…
First seen on research.kudelskisecurity.com
Jump to article: research.kudelskisecurity.com/2022/01/26/pwnkit-local-privilege-escalation-lpe-in-polkits-pkexec-cve-2021-4034/
-
Dirty Pipe Linux Kernel Local Privilege Escalation (LPE) Vulnerability (CVE-2022-0847)
in SecurityNews
Summary: CVE-2022-0847 was disclosed on March 7th and since has been named Dirty Pipe. This Linux kernel vulnerability is caused by improperly handling …
First seen on research.kudelskisecurity.com
Jump to article: research.kudelskisecurity.com/2022/04/04/dirty-pipe-linux-kernel-local-privilege-escalation-lpe-vulnerability-cve-2022-0847/
-
Introducing Shufflecake: plausible deniability for multiple hidden filesystems on Linux
in SecurityNews
Today we are excited to release Shufflecake, a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dan…
First seen on research.kudelskisecurity.com
Jump to article: research.kudelskisecurity.com/2022/11/10/introducing-shufflecake-plausible-deniability-for-multiple-hidden-filesystems-on-linux/
-
Linux Kernel ksmbd Remote Code Execution Vulnerability
in SecurityNews
Note: This bulletin was written by Eric Dodge of the Kudelski Security Threat Detection & Research Team. Summary: The Zero Day Initiative (ZDI) rece…
First seen on research.kudelskisecurity.com
Jump to article: research.kudelskisecurity.com/2022/12/22/bulletin-linux-kernel-ksmbd-remote-code-execution-vulnerability/
-
Kimsuky APT Group Deploys New Linux Backdoor: Gomir
in SecurityNews
First seen on thefinalhop.com
Jump to article: www.thefinalhop.com/kimsuky-apt-group-deploys-new-linux-backdoor-gomir/
-
Bootkitty: First Linux UEFI bootkit
in SecurityNews
ESET Research has come across the first Linux UEFI bootkit and named it Bootkitty. This Linux UEFI bootkit was uploaded to VirusTotal in early November 2024, which is how it came to the security researchers' attention. For Windows, UEFI bootkits that …
First seen on borncity.com
Jump to article: www.borncity.com/blog/2024/12/01/bootkitty-erstes-linux-uefi-boot-kit/
-
New Backdoor Linked to Earth Lusca Threat Group
Researchers have uncovered a new backdoor called KTLVdoor, which is written in the Go language, has versions for targeting Windows and Linux and is li…
First seen on duo.com
Jump to article: duo.com/decipher/new-backdoor-linked-to-chinese-threat-group
-
CVE-2024-3094: Malicious Code in XZ Utils Enables RCE on Linux Systems
in SecurityNews
A recent analysis has revealed that the malicious code embedded in the widely-used open-source library XZ Utils (present in multiple Linux distros) ca…
First seen on sensorstechforum.com
Jump to article: sensorstechforum.com/cve-2024-3094-xz-utils-linux/
-
CVE-2024-28085: Linux Flaw Could Leak Passwords
in SecurityNews
A recently identified vulnerability affecting the >>wall
-
New Native Spectre v2 Exploit Raises Concerns for Linux Kernel Security
in SecurityNews
Cybersecurity researchers from the Systems and Network Security Group (VUSec) at Vrije Universiteit Amsterdam have unveiled what they describe as the …
First seen on sensorstechforum.com
Jump to article: sensorstechforum.com/native-spectre-v2-exploit-linux-kernel/
-
Atlassian Vulnerability Used to Deploy Linux Variant of Cerber Ransomware
in SecurityNews
Threat actors are exploiting critical vulnerabilities in Atlassian servers to deploy a Linux variant of Cerber ransomware. This exploitation, centered…
First seen on sensorstechforum.com
Jump to article: sensorstechforum.com/atlassian-vulnerability-cerber-ransomware/
-
Both KDE and GNOME to offer official distros
in SecurityNews
Tags: linux
Leading Linux desktops boldly address the “not enough distros” non-problem
First seen on theregister.com
Jump to article: www.theregister.com/2024/11/29/kde_and_gnome_distros/