Pierluigi Paganini
July 30, 2020
Billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue, dubbed BootHole, that can be exploited to install a stealthy malware. Billions of Windows and Linux devices are affected by a serious GRUB2 bootloader vulnerability, tracked as CVE-2020-10713 and dubbed BootHole, which can be exploited by attackers to install persistent and stealthy […]
Pierluigi Paganini
July 29, 2020
Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers Cybersecurity researchers at Intezer spotted a new completely undetectable Linux malware, dubbed Doki, that exploits undocumented evasion techniques while targeting publicly accessible Docker servers. The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba […]
Pierluigi Paganini
July 26, 2020
A new version of the REMnux Linux toolkit for malware analysts is available for download, it includes a huge set of tools for professionals. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware. The toolkit was first […]
Pierluigi Paganini
July 07, 2020
Microsoft launched Project Freta, a free service that allows users to find malware, including rootkit, in operating system memory snapshots. Microsoft has unveiled a new project, dubbed Project Freta, for the discovery of malicious code in operating system memory snapshots. The Project Freta is a cloud-based service that allows users to collect forensic evidence of attacks […]
Pierluigi Paganini
June 24, 2020
Operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online, Trend Micro warns. Trend Micro researchers reported that operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online. XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014 it is a Linux Botnet that was […]
Pierluigi Paganini
June 08, 2020
Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including (i.e. cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, […]
Pierluigi Paganini
March 25, 2020
A security researcher disclosed technical details of a critical remote code execution flaw affecting the OpenWrt Linux-based operating system for network devices. Earlier this year, security expert Guido Vranken from the software firm ForAllSecure, discovered a critical vulnerability in the OpenWrt Linux-based operating system for network devices. The flaw tracked as CVE-2020-7982 is a critical remote […]
Pierluigi Paganini
February 25, 2020
Experts discovered a new critical remote code execution vulnerability in the OpenSMTPD that could allow hacking email servers running BSD or Linux. A new critical remote code execution vulnerability was discovered in the OpenSMTPD that could be exploited by attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD is an […]
Pierluigi Paganini
February 03, 2020
Apple researcher discovered an important vulnerability (CVE-2019-18634) in ‘sudo’ utility that allows non-privileged Linux and macOS users to run commands as Root. Security expert Joe Vennix from Apple has discovered an important vulnerability in ‘sudo‘ utility, tracked as CVE-2019-18634, that allows non-privileged Linux and macOS users to run commands as Root. The issue could be […]
Pierluigi Paganini
January 29, 2020
Security researchers have spotted a vulnerability, tracked as CVE-2020-7247, that affects a core email-related library used by many BSD and Linux distributions. Security experts from Qualys have discovered a flaw, tracked as CVE-2020-7247, in OpenSMTPD. OpenSMTPD is an open-source implementation of the server-side SMTP protocol as defined by RFC 5321, it includes also some additional […]
