Pierluigi Paganini
March 18, 2022
Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945). The China-linked hacking group has been active since at least 2016, according […]
Pierluigi Paganini
December 06, 2019
Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel Researchers from the University of New Mexico have discovered a vulnerability, tracked as CVE-2019-14899, that can be exploited by an attacker to determine if a user is connected to a VPN and hijack active TCP […]
Pierluigi Paganini
August 20, 2019
Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day […]
Pierluigi Paganini
April 02, 2019
The privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems An important privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain […]
Pierluigi Paganini
March 16, 2018
Following recent string of attacks that exploit flawed plugins, researchers at SafeBreach examined 6 popular extensible text editors for unix systems. Most of the modern text editors allow users to extend their functionalities by using third-party plugins, in this way they are enlarging their attack surface. Third-party plugins could be affected by vulnerabilities that could […]
Pierluigi Paganini
January 12, 2015
Security Experts at ESET firm discovered that Windigo campaign is still active and that bad actors are changing their tactics to remain under the radar. Windigo is a sophisticated malware-based campaign uncovered by security Experts at ESET in March 2014, hackers behind the campaign that exploited the Linux/Ebury backdoor compromising more than 500,000 computers and 25,000 dedicated servers. The […]
Pierluigi Paganini
October 10, 2014
The experts at The Malware Must Die detected numerous attack worldwide exploiting the Bash Bug flaw to spread the Mayhem botnet. The researchers at Malware Must Die published a report warning of Mayhem Shellshock attack, the experts explained to have detected a significant number of Linux and UNIX systems infected by several IP addresses belonging to […]
Pierluigi Paganini
September 28, 2014
Apple says users of its OS X are “safe by default” from the Bash Bug, meanwhile Oracle warns its customers that 32 products are affected by the flaw. The recently discovered Bash Bug vulnerability is menacing billions of devices that could be exposed to cyber attacks which exploit the flaw, the situation appears to be critical […]
Pierluigi Paganini
March 19, 2014
Antivirus Firm ESET has been tracking and investigating the operation behind Linux_Ebury uncovering a sophisticated campaign called Operation Windigo. Operation Windigo is the name of a sophisticated malware-based campaign uncovered by security Experts at ESET, that exploiting the Linux/Ebury backdoor has impacted more 500,000 computers and 25,000 dedicated servers. ESET Researchers collaborated with CERT-Bund, the European Organization […]
