Linux Hacks & Cracks - Page 68

Discover Hacks/Cracks News

(Almost) Universal perl CGI exploitation

This works on the perl pipe bug. It'll take an arg that's the address of a website and its cgi script with some args to the script, then figure out if it can exploit it and how. It's worked on everything I've tried it on, though I have limited test boxes. It's pretty dirty but it works.

Distributed SSH Brute Force Attempts on the rise again

SSH brute force attempts seem to be on the rise again; at the SANS Internet Storm Center we have received a number of reports that a number of networks are seeing them. The source IP addresses vary with each new attempted username in the wordlist, which would indicate that the attempts are distributed through botnet(s).

Linux Trojan Raises Malware Concerns

I've got good news and bad news for those of the misguided perception that Linux is somehow impervious to attack or compromise. The bad news is that it turns out a vast collection of Linux systems may, in fact, be pwned. The good news, at least for IT administrators and organizations that rely on Linux as a server or desktop operating system, is that the Trojan is in a game download so it should have no bearing on Linux in a business setting.

IRC server had backdoor in source code for months - Update

The developers of the open source IRC server UnrealIRCd have had to report that the file servers of the project were compromised several months ago and the IRC server's code, Unreal3.2.8.1.tar.gz, was replaced by a version with a backdoor. The backdoor allows anyone to execute commands on the server running UnrealIRCd, with the privileges of the user running the IRC daemon,

Free Bradley Manning!

No good deed goes unpunished, and that is especially true when it comes to whistleblowers who expose the murderous machinations of the US government: SPC Bradley Manning, a 22-year-old intelligence analyst stationed at Forward Operating Base Hammer in the vicinity of Baghdad, was arrested two weeks ago for having supposedly sent Wikileaks the

World of Warcraft accounts stolen

Symantec says it has unearthed a server hosting the credentials of 44 million stolen gaming accounts - and one of the most surprising aspects of it is that the accounts were being validated by a Trojan distributed to compromised computers.

Hackers penetrate Carder forum

Hackers have penetrated German underground forum carders.cc, copied login details, e-mail addresses and private e-mails from several thousand members and published them on RapidShare. According to a list seen by The H's associates at heise Security, the forum software had also logged the IP addresses of nearly one thousand members over a specific period. These have also been published.

Malware on Hijacked Subdomains. New Trend?

Yesterday, Patrick (aka Noxwizard, phpBB support team member) pointed me at the new malware attack that surfaced this week (first mentioned on May 16th). The attack creates/modifies .htaccess files to redirect site visitors that come from major search engines and popular websites (e.g. Twitter, Facebook, Wikipedia, Flickr, eBay, etc.) to scareware sites that aggressively push fake anti-virus software.