Linux Hacks & Cracks - Page 8
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The newly discovered FontOnLake malware family delivers backdoor and rootkit components to infect Linux systems concealed in legitimate binaries.
It has been discovered that the RansomExx ransomware gang does not correctly lock Linux files during encryption, leading to potentially corrupted files.
The new Capoae Go malware, which targets WordPress installs and Linux systems, highlights the increase of cyberattacks designed to deploy cryptocurrency-mining payloads.
Hackers have developed a Linux port of the Cobalt Strike penetration testing toolkit dubbed Vermilion Strike to evade malware detection.
The HolesWarm botnet cryptominer has already compromised 1,000-plus clouds since June.
The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform. As more businesses move to this type of platform for their servers, we expect to continue to see ransomware developers focus primarily on Windows machines - but also create a dedicated Linux encryptor targeting ESXi.
The Uptycs Threat Research team outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect these threats and mitigate their risk of suffering an attack.
Hackers are turning coding languages such as Go, Rust, Nim and DLang into next-gen malware targeting Linux and Windows systems, enabling them to avoid signature detection and add layers of obfuscation.
The infamous cross-platform LemonDuck crypto-mining malware has continued to refine and improve upon its techniques to strike both Linux and Windows OSes by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns.
The ransomware gang behind the notorious attack on CD Projekt Red is now using a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage.
Learn about common defense evasion techniques used in malicious shell scripts and how Uptycs detects them.
Experts say that an affiliate-driven approach and regular malware refinements are key to REvil's ransomware success formula.
The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines. By targeting virtual machines this way, REvil can encrypt many servers at once with a single command.
The Necro Python bot - which targets both Linux and Windows systems - changes its code to evade traditional security detection. Learn the details, and get advice on how to secure your systems.
Embedded Linux devices are everywhere these days, and sooner or later, you’re going to want to poke around in one of them. But how? Learn the techniques and tools Felipe Astroza has used to hack the Foscam C1 security camera, which will work on a wide range of embedded Linux gadgets.
A new malicious package targeting NodeJS developers using Linux and macOS has been discovered hidden in a fake Browserify NPM package.
The maintainers of the PHP programming language have issued an update regarding the security incident that came to light late last month, stating that the actors may have gotten hold of a user database containing their passwords to make unauthorized changes to the repository. This was initially treated as a compromise of the git.php.net server - but further investigation into the incident has revealed that the commits were a result of pushing them using HTTPS and password-based authentication.
Linux servers are being targeted with sophisticated malware believed to have been developed by Chinese hackers using an end-of-life Red Hat compiler.
Both Linux and Windows servers are being targeted by the dangerous new WatchDog botnet, which uses exploits to take over servers and mine cryptocurrency.
Russian digital espionage group Fancy Bear has incorporated a new Linux-based malware dubbed “Drovorub” into their attack campaigns, according to the National Security Agency (NSA) and the FBI.