HackDig : Dig high-quality web security articles for hackers

A new Stantinko Bot masqueraded as httpd targeting Linux servers

Researchers spotted a new variant of an adware and coin-miner botnet operated by Stantinko threat actors that now targets Linux servers. Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that has been operated by Stantinko threat actors since 2012. The Stantinko botnet was first spotted by ESET in 2017, at the time it inf
Publish At:2020-11-24 15:42 | Read:163 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet Hacking hacking new

Kali Linux 2020.4 switches the default shell from Bash to ZSH

Kali Linux 2020.4 was released yesterday by Offensive Security, and it takes the big step of changing the default shell from Bash to ZSH. Kali Linux comes with numerous software packages and tools that allow cybersecurity professionals and ethical hackers to perform penetration testing and security audits. With this release, the Kali Linux Team introduc
Publish At:2020-11-19 19:01 | Read:137 | Comments:0 | Tags:Linux Security

S3 Ep7: When ransomware crooks get a big fat zero! [Podcast]

by Paul Ducklin. In this episode: we say thanks to companies that refuse to pay ransomware hush money, dig into the new Sophos 2021 Threat Report, and take a quick look inside a malicious Linux kernel driver. Also, a sneak preview of our upcoming podcast interview with bug bounty pioneer Katie Moussouris. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro
Publish At:2020-11-19 11:37 | Read:131 | Comments:0 | Tags:Malware Podcast Ransomware Linux malware Naked Security Podc

Sophos 2021 Threat Report: Navigating cybersecurity in an uncertain world

by Paul Ducklin. We know what you’re thinking: “Another year; another vendor; another threat report… and when I open it, I’ll be stuck in a thinly disguised product brochure.” Well, not this one. We’ve combined research from a number of threat prevention groups inside Sophos, including SophosLabs, Sophos Managed Threat Re
Publish At:2020-11-18 12:13 | Read:127 | Comments:0 | Tags:Android BEC Botnet Data loss Linux Machine Learning Malware

Microsoft previews Linux endpoint detection and response capabilities

Microsoft has announced today the public preview of endpoint detection and response (EDR) capabilities on Linux servers running Microsoft Defender Advanced Threat Protection (ATP) — now known as Microsoft Defender for Endpoint. The addition of EDR capabilities provides security analysts with the ability to spot attacks involving Linu
Publish At:2020-11-17 16:19 | Read:127 | Comments:0 | Tags:Microsoft Linux

DNS cache poisoning attacks return due to Linux weakness

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. The new discovery revives a 2008 bug that had once been thought to have been resolved for good. What is DNS spoofing or cache poisoning? Domain Name System (DNS) can be best understood as a phonebook for the
Publish At:2020-11-12 19:18 | Read:211 | Comments:0 | Tags:Security Linux

RansomExx ransomware now targets also Linux systems

The RansomExx Ransomware gang is expanding its operations by creating a new version that is able to infect Linux machines. RansomExx ransomware operators are expanding their operations by developing a Linux version of their malware. Kaspersky researchers have analyzed the Linux version of the RansomExx ransomware, also tracked as Defray777. This wee
Publish At:2020-11-06 18:41 | Read:208 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

RansomEXX Trojan attacks Linux systems

We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems. After the initial analysis we noticed similarities in the code of the Trojan, the text of the ransom notes and the general approach to extortion, which suggested that we had in fact encountered a
Publish At:2020-11-06 11:47 | Read:185 | Comments:0 | Tags:Featured Malware descriptions Encryption Linux Malware Descr

Google researcher found BleedingTooth flaws in Linux Bluetooth

Google security researcher discovered Bluetooth vulnerabilities (BleedingTooth) in the Linux kernel that could allow zero-click attacks. Andy Nguyen, a Google security researcher, has found Bluetooth vulnerabilities, referred to as BleedingTooth, in the Linux kernel that could be exploited by attackers to run arbitrary code or access sensitive information
Publish At:2020-10-14 20:47 | Read:246 | Comments:0 | Tags:Breaking News Hacking BleedingTooth Bluetooth hacking news i

Crypto-mining worm adds Linux password stealing capability

The TeamTNT cybercrime group has recently updated its crypto-mining worm with password-stealing capabilities and with an additional network scanner to make it easier to spread to other vulnerable devices. While known mostly for actively targeting Docker instances to use compromised systems for unauthorized Monero (XMR) mining, the group now shifted their tact
Publish At:2020-10-05 15:12 | Read:483 | Comments:0 | Tags:Security Cloud Linux

Tripwire Patch Priority Index for September 2020

Tripwire’s September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions. Up first on the patch priority list this month is a very high priority vulnerability, which is called “Zerologon” and identified by CVE-2020-1472. It is an elevation of privilege vulnerability
Publish At:2020-10-05 02:49 | Read:662 | Comments:0 | Tags:Featured Articles VERT Apple Linux microsoft patch priority

IPStorm botnet evolves to infect Android, Linux, and Mac devices

Researchers from Intezer reported that the IPStorm botnet has evolved to infect other operating systems, including Android, Linux, and Mac devices. The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems; now experts from Intezer reported that the bot evolved to infect other platforms, including Android, Linux, and Mac devices.
Publish At:2020-10-02 17:12 | Read:484 | Comments:0 | Tags:Breaking News Hacking Malware Android IPStorm LINUX malware

Looking for sophisticated malware in IoT devices

One of the motivations for this post is to encourage other researchers who are interested in this topic to join in, to share ideas and knowledge and to help build more capabilities in order to better protect our smart devices. Research background Smart watches, smart home devices and even smart cars – as more and more connected devices join the IoT ecosystem
Publish At:2020-09-30 10:56 | Read:370 | Comments:0 | Tags:Featured Research Firmware Internet of Things Linux Malware

Windows 10 now lets you mount Linux ext4 filesystems in WSL 2

Windows 10 now allows you to mount physical disks formatted using the Linux ext4 filesystem in the Windows Subsystem for Linux 2. Linux filesystems, such as ext4, cannot be natively accessed in Windows 10 without installing special drivers. Starting with Windows 10 preview build 20211, WSL 2 now includes a wsl --mount command that lets you mount
Publish At:2020-09-10 16:20 | Read:415 | Comments:0 | Tags:Microsoft Linux

CDRThief Linux malware steals VoIP metadata from Linux softswitches

ESET researchers discovered a new piece of malware, dubbed CDRThief, that targets a specific Voice over IP system to steal call data records (CDR). Security experts from ESET discovered a new piece of malware, tracked as CDRThief, that targets the Linux VoIP platform, Linknat VOS2009/3000 softswitches, to steal call data records (CDR) from telephone exchange equ
Publish At:2020-09-10 13:30 | Read:383 | Comments:0 | Tags:Breaking News Hacking Malware CDRThief hacking news informat