Archive for the ‘Linux Security’ Category

Latest OpenSSL version is affected by a remote memory corruption flaw

Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido Vranken discovered a remote memory-corruption vulnerability in the recently released OpenSSL version 3.0.4. The library was released on June 21, 2022, and affects x64 systems with the AVX-512 instruction set. “OpenSSL version 3.0.4, released on June 21th 2022, is susceptible to remote memory […]

Leave a Comment

Symbiote, a nearly-impossible-to-detect Linux malware

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by security firms Intezer and BlackBerry uncovered a new Linux threat dubbed Symbiote. The name comes from the concept of symbiote which is an organism that lives in symbiosis with another organism, exactly like this implant does with the infected systems. For this […]

Leave a Comment

Linux Nimbuspwn flaws could allow attackers to deploy sophisticated threats

Microsoft disclosed two Linux privilege escalation flaws, collectively named Nimbuspwn, that could allow conducting various malicious activities. The Microsoft 365 Defender Research Team has discovered two Linux privilege escalation flaws (tracked as CVE-2022-29799 and CVE-2022-29800) called “Nimbuspwn,” which can be exploited by attackers to conduct various malicious activities, including the deployment of malware. “The vulnerabilities can be chained […]

Leave a Comment

B1txor20 Linux botnet use DNS Tunnel and Log4J exploit

Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured an […]

Leave a Comment

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape

A Linux kernel flaw, tracked as CVE-2022-0492, can allow an attacker to escape a container to execute arbitrary commands on the container host. A now-patched high-severity Linux kernel vulnerability, tracked as CVE-2022-0492 (CVSS score: 7.0), can be exploited by an attacker to escape a container to execute arbitrary commands on the container host. The issue is a privilege […]

Leave a Comment

New Book: Advanced Security Testing with Kali Linux!

In Advanced Security Testing with Kali Linux you will learn topics like: The MITRE ATT@CK Framework Command & Control (C2) Frameworks Indepth Network Scanning Web App Pentesting Advanced Techniques like “Living off the Land” AV Bypass Tools Using IoT Devices in Security and much, much more!! Learning attacker Tactics, Techniques and Procedures (TTPs) are imperative in defending […]

Leave a Comment

CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager

Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as  CVE-2021-44731  (CVSS score 7.8). Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux kernel. The packages, called snaps, and the tool for using them, snapd, work across a range […]

Leave a Comment

Kali Linux 2021.4 released: Wider Samba compatibility, The Social-Engineer Toolkit, new tools, and more!

Samba Client, Kaboxer theme support Starting Kali Linux 2021.4, the Samba client is now configured for Wide Compatibility so that it can connect to pretty much every Samba server out there, regardless of the version of the protocol in use. This change should make it easier to discover vulnerable Samba servers “out of the box”, […]

Leave a Comment

Can *YOU* blow a PC speaker using only a Linux kernel driver?

We don’t often put out programming appeals on Naked Security, especially when the code that we’re looking for is dangerous and destructive. But this time we’re prepared to make an exception, given that it’s a rainy Friday afternoon where we are, and that this issue is now in its fifteenth consecutive year. Our attention was […]

Leave a Comment

Serious Security: The Linux kernel bugs that surfaced after 15 years

Researchers at cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel… …in code that had been sitting there inconspicuously for some 15 years. Fortunately, it seemed that no one else had looked at the code for all that time, at least not diligently enough to spot the bugs, so they’re […]

Leave a Comment

Developing a Strong Security Posture in the Era of Remote Work

Leave a Comment

Why enterprises need rugged devices with integrated endpoint management systems

Paired longevity solutions in hardware and software There is a solution to both these issues – durability and security. Rugged devices are designed specifically for your hardworking enterprise operations. They integrate seamlessly into UEM and MDM platforms, can be trained to only engage with secure networks, and can be geofenced to turn themselves into expensive […]

Leave a Comment

Windows and Linux servers targeted by new WatchDog botnet for almost two years

Due to the recent rise in cryptocurrency trading prices, most online systems these days are often under the assault of crypto-mining botnets seeking to gain a foothold on unsecured systems and make a profit for their criminal overlords. The latest of these threats is a botnet named WatchDog. Discovered by Unit 42, a threat intelligence division […]

Leave a Comment

LINUX GAME HACKING GUIDE 2021

Leave a Comment

FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH

Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. Source: FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH   Download a Security Risk Assessment Steps paper! Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up! DISC InfoSec 🔒 […]

Leave a Comment

Russian military plans to replace Windows with Astra Linux

The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Source: Russian military plans to replace Windows with Astra Linux Look @ Astra Linux ® 2.12 – Russian Debian – Fly Desktop  Subscribe in a reader

Leave a Comment

Uncovering Linux based cyberattack using Azure Security Center

Azure Security Center, Microsoft’s cloud-based cyber solution helps customers safeguard their cloud workloads as well as protect them from these threats. Source: Uncovering Linux based cyberattack using Azure Security Center  Subscribe in a reader

Leave a Comment

Linux quick reference card

Linux quick reference card Enter your email address: Delivered by FeedBurner

Leave a Comment

Security researchers discover new Linux backdoor named SpeakUp 

SpeakUp backdoor trojan can run on six different Linux distributions, and even on macOS. Source: Security researchers discover new Linux backdoor named SpeakUp | ZDNet DISC InfoSec 🔒 securing the business 🔒 Cyber Security Awareness ↑ Grab this Headline Animator

Leave a Comment

Bolt : Cross-Site Request Forgery Scanner Tool 2019

Bolt is in beta phase of development which means there can be bugs. Any production use of this tool discouraged. Bolt crawls the target website Source: Bolt : Cross-Site Request Forgery Scanner Tool 2019 DISC InfoSec 🔒 securing the business 🔒 Cyber Security Awareness ↑ Grab this Headline Animator

Leave a Comment