LINUX Archives - Page 13 of 24

Pierluigi Paganini August 20, 2019

Backdoored Webmin versions were available for download for over a year

Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day […]

Pierluigi Paganini July 25, 2019

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). […]

Pierluigi Paganini July 18, 2019

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Experts at Intezer discovered a new backdoor, dubbed EvilGnome, that is targeting Linux systems for cyber espionage purpose. Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used […]

Pierluigi Paganini July 11, 2019

A new NAS Ransomware targets QNAP Devices

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. NAS servers are a privileged target for hackers because they normally store […]

Pierluigi Paganini July 07, 2019

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted

Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution. On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., the organization behind the Ubuntu Linux distribution. The company immediately launched an investigation, the good news is that the source code of the […]

Pierluigi Paganini July 05, 2019

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems. The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS (DoH). The DoH protocol was a new standard proposed in October 2018 and it is […]

Pierluigi Paganini July 04, 2019

Tens of VMware Products affected by SACK Panic and SACK Slowness flaws

Tens of VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities. At least 30 VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities. The vulnerabilities could be exploited by a remote unauthenticated attacker to trigger a denial-of-service (DoS) condition and reboot vulnerable systems. Impacted products […]

Pierluigi Paganini June 18, 2019

Multiple DoS vulnerabilities affect Linux and FreeBSD

Netflix researcher has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels that could trigger a DoS condition. Jonathan Looney, a security expert at Netflix, found three Linux DoS vulnerabilities, two of them related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, and one related only to MSS. The most severe […]

Pierluigi Paganini June 14, 2019

Millions of Exim mail servers are currently under attack

Hackers are targeting millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions, threat actors leverage the CVE-2019-10149 flaw. Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are under attack, threat actors are exploiting the CVE-2019-10149 flaw to take over them. A critical vulnerability affects versions 4.87 to 4.91 […]

Pierluigi Paganini June 10, 2019

CVE-2019-12735 – opening a specially crafted file in Vim or Neovim Editor could compromise your Linux system

Bad news for Linux users, a flaw tracked as CVE-2019-12735 allows to hack their systems by tricking them into opening a specially crafted file in Vim or Neovim Editor. Security expert Armin Razmjou has recently found a high-severity vulnerability (CVE-2019-12735) in Vim and Neovim command-line text editing applications. The vulnerability, tracked as CVE-2019-12735, is classified as an arbitrary OS command […]

LINUX

Backdoored Webmin versions were available for download for over a year

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

A new NAS Ransomware targets QNAP Devices

Hackers compromised a Canonical GitHub account, Ubuntu source code was not impacted

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

Tens of VMware Products affected by SACK Panic and SACK Slowness flaws

Multiple DoS vulnerabilities affect Linux and FreeBSD

Millions of Exim mail servers are currently under attack

CVE-2019-12735 – opening a specially crafted file in Vim or Neovim Editor could compromise your Linux system

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

Koske, a new AI-Generated Linux malware appears in the threat landscape

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

Coyote malware is first-ever malware abusing Windows UI Automation

QUICK LINKS

LINUX

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!