Pierluigi Paganini March 18, 2022
Caketap, a new Unix rootkit used to siphon ATM banking data

Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945). The China-linked hacking group has been active since at least 2016, according […]

Pierluigi Paganini December 06, 2019
CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems

Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel. Researchers from the University of New Mexico have discovered a vulnerability, tracked as CVE-2019-14899, that can be exploited by an attacker to determine if a user is connected to a VPN and hijack active TCP […]

Pierluigi Paganini August 20, 2019
Backdoored Webmin versions were available for download for over a year

Webmin, the popular open-source web-based interface for Unix admin, contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users to set up user accounts, Apache, DNS, file sharing and much more from a web browser. News of the day […]

Pierluigi Paganini April 02, 2019
CVE-2019-0211 Apache flaw allows getting root access via script

The privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems. An important privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain […]

Pierluigi Paganini March 16, 2018
Hackers can elevate privileges by hacking into popular text editors

Following a recent string of attacks that exploit flawed plugins, researchers at SafeBreach examined 6 popular extensible text editors for Unix systems. Most modern text editors allow users to extend their functionality with third-party plugins, which enlarges their attack surface. Third-party plugins could be affected by vulnerabilities that could […]

Pierluigi Paganini January 12, 2015
Hackers running Linux Operation Windigo are changing tactics targeting porn sites

Security experts at ESET discovered that the Windigo campaign is still active and that bad actors are changing their tactics to remain under the radar. Windigo is a sophisticated malware-based campaign uncovered by security experts at ESET in March 2014; the hackers behind the campaign exploited the Linux/Ebury backdoor, compromising more than 500,000 computers and 25,000 dedicated servers. The […]

Pierluigi Paganini October 10, 2014
Experts warn on Mayhem shellshock attacks worldwide

The experts at Malware Must Die detected numerous attacks worldwide exploiting the Bash Bug flaw to spread the Mayhem botnet. The researchers at Malware Must Die published a report warning of Mayhem Shellshock attacks; the experts explained that they detected a significant number of Linux and UNIX systems infected by several IP addresses belonging to […]

Pierluigi Paganini September 28, 2014
The majority Mac users safe from Bash Bug while Oracle warns its customers

Apple says users of its OS X are “safe by default” from the Bash Bug, meanwhile Oracle warns its customers that 32 products are affected by the flaw. The recently discovered Bash Bug vulnerability is menacing billions of devices that could be exposed to cyber attacks which exploit the flaw; the situation appears to be critical […]

Pierluigi Paganini March 19, 2014
Linux Operation Windigo hit 500000 PC and 25000 dedicated servers

Antivirus firm ESET has been tracking and investigating the operation behind Linux_Ebury, uncovering a sophisticated campaign called Operation Windigo. Operation Windigo is the name of a sophisticated malware-based campaign uncovered by security experts at ESET that, by exploiting the Linux/Ebury backdoor, has impacted more than 500,000 computers and 25,000 dedicated servers. ESET researchers collaborated with CERT-Bund, the European Organization […]