HackDig : Dig high-quality web security articles

Stealthy Symbiote Linux malware is after financial institutions

Symbiote, a new “nearly impossible to detect” Linux malware, targeted financial sectors in Latin America—and the threat actors behind it might have links to Brazil. These findings were revealed in a recent report, a joint effort between the Blackberry Research Team and Dr. Joakim Kennedy, a security researcher with Intezer. Despite its name, t
Publish At:2022-06-15 13:00 | Read:225 | Comments:0 | Tags:Reports Berkeley Packet Filter blackberry Blackberry Researc

Experts spotted Syslogk, a Linux rootkit under development

Experts spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted “magic packets” to activate a dormant backdoor on the device. Researchers from antivirus firm Avast spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted “magic packets” to activate a dormant backdoor on the device. The expert
Publish At:2022-06-13 23:14 | Read:225 | Comments:0 | Tags:Breaking News Malware hacking news information security news

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories. Another nation-state actor exploits Microsoft Follina to attack Eur
Publish At:2022-06-13 10:09 | Read:291 | Comments:0 | Tags:VERT News botnet Linux nation-state attacks security cyber c

A week in security (June 6 – June 12)

Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for Ukraine; Microsoft autopatch is here…but can you use it?; Prometheus ransomware’s flaws inspired researchers to try to build a near-universal decryption tool; Rotten apples banned from App store; Hackers can take over accounts you haven’t even created yet; Ransomware Ta
Publish At:2022-06-13 09:01 | Read:365 | Comments:0 | Tags:A week in security 4chan a week in security Apple passkeys A

Introducing EDR for Linux: Remediating and isolating threats on Linux servers

We’re excited to announce our new EDR for Linux offering, which extends our advanced protection and response capabilities to Linux devices via Nebula and OneView. In this post, we show you what remediating and isolating threats on Linux servers looks like with Malwarebytes EDR for Linux. Let’s get started! Table of Contents Part 1: Downloading
Publish At:2022-06-02 16:57 | Read:360 | Comments:0 | Tags:Business EDR for Linux endpoint detection and response linux

WinDealer dealing on the side

Introduction LuoYu is a lesser-known threat actor that has been active since 2008. It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. In their initial disclosures on this threat actor,
Publish At:2022-06-02 06:16 | Read:461 | Comments:0 | Tags:APT reports APT Chinese-speaking cybercrime Google Android I

Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers

Multiple NVIDIA graphics card models have been found to have flaws in their GPU drivers, with six medium- and four high-severity ratings. Last Monday, the company released a software security update for NVIDIA GPU Display Driver to address the vulnerabilities. If exploited, they could lead to denial of service, code execution, privilege escalation, and dat
Publish At:2022-05-23 09:01 | Read:406 | Comments:0 | Tags:Exploits and vulnerabilities CVE-2022-28181 CVE-2022-28182 C

Malicious PyPI package opens backdoors on Windows, Linux, and Macs

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems. PyPI is a repository of open-source packages that developers can use to share their work or benefit from the work of others, downloading the functional libraries required f
Publish At:2022-05-21 14:53 | Read:521 | Comments:0 | Tags:Security Apple Linux

The activity of the Linux XorDdos bot increased by 254% over the last six months

Microsoft researchers have observed a spike in the activity of the Linux bot XorDdos over the last six months. XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014. It is a Linux botnet that was employed in attacks against gaming and education websites with massive DDoS attacks that reached 150 gigabytes per second of m
Publish At:2022-05-20 11:07 | Read:363 | Comments:0 | Tags:Breaking News Hacking botnet hacking news information securi

Microsoft detects massive surge in Linux XorDDoS malware activity

A stealthy and modular malware used to hack into Linux devices and build a DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealed today. This malware (active since at least 2014) is known as XorDDoS (or XOR DDoS) due to its use of XOR-based encryption when communicating with command-and-control (C2) ser
Publish At:2022-05-19 14:53 | Read:499 | Comments:0 | Tags:Security Linux Microsoft DDOS

Sysrv botnet is out to mine Monero on your Windows and Linux servers

In a Twitter thread, the Microsoft Security Intelligence team have revealed new information about the latest versions of the Sysrv botnet. The variant they focused on uses a range of known exploits for vulnerabilities in web apps and databases to install cryptocurrency miners on both Windows and Linux systems. Background The Sysrv botnet first recei
Publish At:2022-05-18 09:01 | Read:475 | Comments:0 | Tags:Botnets Exploits and vulnerabilities botnet crypto miner cve

Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more

Offensive Security has released Kali Linux 2022.2, the second version in 2022, with desktop enhancements, a fun April Fools screensaver, WSL GUI improvements, terminal tweaks, and best of all, new tools to play with! Kali Linux is a Linux distribution for cybersecurity professionals and ethical hackers to perform penetration testing, security audi
Publish At:2022-05-16 14:53 | Read:567 | Comments:0 | Tags:Security Linux

NVIDIA has open-sourced its Linux GPU kernel drivers

NVIDIA has published the source code of its Linux kernel modules for the R515 driver, allowing developers to provide greater integration, stability, and security for Linux distributions. The source code has been published to NVIDIA's GitHub repository under a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distr
Publish At:2022-05-12 10:55 | Read:816 | Comments:0 | Tags:Linux Hardware

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 25, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 25, 2022. I’ve also included some comments on these stories. Homeland Security bug bounty program uncovers 122 holes in its sys
Publish At:2022-05-02 10:00 | Read:1223 | Comments:0 | Tags:Featured Articles VERT News bug bounty program CISA Linux pa

Linux Nimbuspwn flaws could allow attackers to deploy sophisticated threats

Microsoft disclosed two Linux privilege escalation flaws, collectively named Nimbuspwn, that could allow conducting various malicious activities. The Microsoft 365 Defender Research Team has discovered two Linux privilege escalation flaws (tracked as CVE-2022-29799 and CVE-2022-29800) called “Nimbuspwn,” which can be exploited by attackers to
Publish At:2022-04-27 07:00 | Read:1106 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu
