HackDig : Dig high-quality web security articles

New Linux kernel bug lets you get root on most modern distros

Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices. As discovered by Qualys researchers, the LPE security flaw tracked as CVE-2021-33909 (dubbed Sequoia) is present in the filesystem layer used to manage user data,
Publish At:2021-07-20 15:35 | Read:189 | Comments:0 | Tags:Security Linux

HelloKitty ransomware now targets VMware ESXi servers

HelloKitty ransomware gang is using a Linux variant of their malware to target VMware ESXi virtual machine platform. A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems. The move of the ransomware gang aims at expanding the operations targeting enterprises that are largely adopting virtualizing platforms. Ta
Publish At:2021-07-15 15:15 | Read:171 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybersecurity cybersecurit

Linux version of HelloKitty ransomware targets VMware ESXi servers

The ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage. As the enterprise increasingly moves to virtual machines for easier backup and resource management, ransomware gangs are evolving their tactics to create Linux encryptors that target thes
Publish At:2021-07-15 11:41 | Read:115 | Comments:0 | Tags:Security Linux ransomware

Linux version of REvil ransomware targets ESXi VM

The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt VMware ESXi virtual machines. The REvil ransomware operators are now using a Linux encryptor to encrypt VMware ESXi virtual machines which are widely adopted by enterprises. The availability of the Linux encryptor was announced by the REvil gang in May, a circumstance t
Publish At:2021-06-29 10:10 | Read:222 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybersecurity cybersecurit

REvil ransomware's new Linux encryptor targets ESXi virtual machines

The REvil ransomware operation is now using a Linux encryptor that targets and encrypts VMware ESXi virtual machines. With the enterprise moving to virtual machines for easier backups, device management, and efficient use of resources, ransomware gangs increasingly create their own tools to mass encrypt storage used by VMs. In May, Advanced Intel's Yelisey Bog
Publish At:2021-06-28 20:08 | Read:199 | Comments:0 | Tags:Security Linux ransomware

Two Google plans that could make open source code more secure

Recently Google announced that it will fund the further development of Rust. Rust is a low-level programming language that is designed to be more memory secure than other popular programming languages, such as C. Google has also proposed an end-to-end framework for supply chain integrity which it has dubbed Supply chain Levels for Software Artifacts (SLSA
Publish At:2021-06-18 10:57 | Read:156 | Comments:0 | Tags:Reports Technology Android chromeOS Google linux memory secu

Microsoft Linux repos suffer day-long outage, still recovering

This week, Microsoft's Linux package repositories suffered an hours-long outage, followed by performance issues spanning over a day. Users relying on the packages.microsoft.com repository to pull Linux distributions, including Ubuntu, Debian, CentOS, OpenSUSE, and Fedora received errors. Microsoft engineers have acknowledged the issue and are
Publish At:2021-06-18 04:59 | Read:230 | Comments:0 | Tags:Security Linux Microsoft

CVE-2021-3560 flaw in polkit auth system service affects most of Linux distros

An authentication bypass flaw in the polkit auth system service used on most Linux distros can allow attackers to get a root shell. An authentication bypass vulnerability in the polkit auth system service, tracked as CVE-2021-3560, which is used on most Linux distros can allow an unprivileged attacker to get a root shell. “A flaw was found in polkit.
Publish At:2021-06-12 11:02 | Read:337 | Comments:0 | Tags:Breaking News Security authentication bypass CVE-2021-3560 C

Linux system service bug lets you get root on most modern distros

Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. The polkit local privilege escalation bug (tracked as CVE-2021-3560) was publicly disclosed, and a fix was released on June 3, 2021. It was introduced sev
Publish At:2021-06-11 08:04 | Read:152 | Comments:0 | Tags:Security Linux

FreakOut malware worms its way into vulnerable VMware servers

A multi-platform Python-based malware targeting Windows and Linux devices has now been upgraded to worm its way into Internet-exposed VMware vCenter servers unpatched against a remote code execution vulnerability. The malware, dubbed FreakOut by CheckPoint researchers in January (aka Necro and N3Cr0m0rPh), is an obfuscated Python script designed to evade dete
Publish At:2021-06-04 12:11 | Read:590 | Comments:0 | Tags:Security Linux

Kali Linux 2021.2 released with new tools, improvements, and themes

Kali Linux 2021.2 was released today by Offensive Security and includes new themes and features, such as access to privileged ports, new tools, and a console-based configuration utility. Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits. With this release, t
Publish At:2021-06-02 17:14 | Read:251 | Comments:0 | Tags:Security Linux

Facefish Backdoor delivers rootkits to Linux x64 systems

Qihoo 360 NETLAB spotted a new backdoor dubbed Facefish that could allow attackers to take over Linux systems and steal sensitive data. Cybersecurity experts from Qihoo 360 NETLAB published details about a new backdoor, dubbed Facefish, which can be used by threat actors to steal login credentials and execute arbitrary commands on Linux systems. The
Publish At:2021-05-30 06:58 | Read:403 | Comments:0 | Tags:Breaking News Malware backdoor Cybersecurity cybersecurity n

Microsoft: Windows 10 Insiders can now run Linux GUI apps

Microsoft announced today at the Build 2021 developer conference that support for running Linux GUI apps is now available via Windows Subsystem for Linux (WSL). The feature was first released one month ago and it allows Windows 10 users to run Linux (X11 and Wayland) applications with a GUI (graphical user interface) without using a virtua
Publish At:2021-05-25 16:23 | Read:264 | Comments:0 | Tags:Microsoft Linux

DDoS attacks in Q1 2021

News overview: Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operators use infected devices to carry out DDoS attacks or mine crypto
Publish At:2021-05-10 08:17 | Read:1591 | Comments:0 | Tags:DDoS reports Botnets Cybercrime DDoS-attacks Internet of Thi

Critical 21Nails Exim bugs expose millions of servers to attacks

Newly discovered critical vulnerabilities in the Exim mail transfer agent (MTA) software allow unauthenticated remote attackers to execute arbitrary code and gain root privilege on mail servers with default or common configurations. The security flaws (10 remotely exploitable and 11 locally) found and reported by the Qualys Research Team are co
Publish At:2021-05-04 11:54 | Read:355 | Comments:0 | Tags:Security Linux
