Linux Hacks & Cracks - Page 8

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions

New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone was the recent discovery of Bootkitty, the first known UEFI bootkit explicitly designed to target ...
Dec 02, 2024
  0

Perfctl Unveiled: Risks, Detection, and Proactive Defense Measures

Security researchers have discovered a sophisticat...
Nov 26, 2024
  0
28.Lock Globe Esm H115

Unveiling the WolfsBane Backdoor: Gelsemium's Linux Variant of Gelsevirine

WolfsBane, the latest Linux variant of the Gelsevirine ...
Nov 25, 2024
  0
31.Lock DigitalRoom Esm H115

Discover Hacks/Cracks News

Discover How NginRAT Exposes eCommerce Servers to Payment Data Theft

Discover How NginRAT Exposes eCommerce Servers to Payment Data Theft

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. “NginRAT essentially hijacks a host Nginx application to stay undetected. To do that, NginRAT modifies core functionality of the Linux host system. When the legitimate Nginx web server uses such functionality (eg dlopen), NginRAT intercepts it to inject itself.”

Unveiling CronRat: Stealthy Tactics of a Linux Remote Access Trojan

Unveiling CronRat: Stealthy Tactics of a Linux Remote Access Trojan

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of sight from security products. The malware, dubbed CronRat, hides in the calendar subsystem of Linux servers (“cron”) on a non-existent day, 31 February, according to a blog post by security researchers at Sansec.

These stealthy hackers avoid Windows but target Linux as they look to steal phone data

These stealthy hackers avoid Windows but target Linux as they look to steal phone data

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The stealthy LightBasin hacking group (also known as UNC1945) is infiltrating telecommunications companies around the world in a campaign that researchers have linked to intelligence gathering and cyber espionage. LightBasin's primary focus is on Linux and Solaris servers that are critical for running telecommunications infrastructure – and are likely to have less security measures in place than Windows systems. 

Linux version of BlackMatter ransomware targets VMware ESXi servers

Linux version of BlackMatter ransomware targets VMware ESXi servers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform. As more businesses move to this type of platform for their servers, we expect to continue to see ransomware developers focus primarily on Windows machines - but also create a dedicated Linux encryptor targeting ESXi.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved