Pierluigi Paganini
January 21, 2020
In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […]
Pierluigi Paganini
January 04, 2020
‘BusKill‘ is a cheap kill cord Dead Man Switch to trigger the machine to self-destruct in case the laptop is stolen, it was designed by the software engineer Michael Altfield. The idea is very simple, the BusKill cable connects a Linux laptop to the user, for example, to his belt. In case of theft, the USB […]
Pierluigi Paganini
November 06, 2019
Google experts found a flaw, tracked as CVE-2019-18408, in the compression library libarchive could lead to arbitrary code execution. Google experts found a vulnerability, tracked as CVE-2019-18408, in the compression library libarchive could be exploited to execute arbitrary code. The libarchive library is a multi-format archive and compression library that implements a single interface for reading/writing various compression formats. Several […]
Pierluigi Paganini
October 19, 2019
A researcher discovered a critical Linux vulnerability, tracked as CVE-2019-17666, that could be exploited to fully compromise vulnerable machines. Nico Waisman, principal security engineer at Github, discovered a critical Linux flaw, tracked as CVE-2019-17666, that could be exploited by attackers to fully compromise vulnerable machines. The vulnerability affects Linux versions through 5.3.6, according to the […]
Pierluigi Paganini
October 15, 2019
Experts discovered a security policy bypass issue in the Sudo utility that is installed as a command on almost every Linux and Unix system. The Sudo utility that is installed as a command on almost every Linux and Unix system is affected by a security policy bypass issue tracked as CVE-2019-14287. The vulnerability could be […]
Pierluigi Paganini
September 18, 2019
Trend Micro researchers spotted a piece of Linux cryptocurrency miner, dubbed Skidmap that leverages kernel-mode rootkits to evade the detection. Skidmap is a new piece of crypto-miner detected by Trend Micro that target Linux machines, it uses kernel-mode rootkits to evade the detection. This malware outstands similar miners because of the way it loads malicious […]
Pierluigi Paganini
August 20, 2019
Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day […]
Pierluigi Paganini
July 25, 2019
Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). […]
Pierluigi Paganini
July 18, 2019
Experts at Intezer discovered a new backdoor, dubbed EvilGnome, that is targeting Linux systems for cyber espionage purpose. Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used […]
Pierluigi Paganini
July 11, 2019
Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. NAS servers are a privileged target for hackers because they normally store […]
