Linux Hacks & Cracks - Page 12
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution, was hacked on Saturday, July 6.
A new form of malware has been spotted in the wild by cybersecurity companies which say the code's main focus is the fraudulent mining of the Monero (XMR) cryptocurrency.
US Cyber Command has issued a warning about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook.
Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed.
The OpenSSH project has received a patch that prevents private keys from being stolen through hardware vulnerabilities that allow hackers to access restricted memory regions from unprivileged processes. The same approach could be used by other software application to protect their secrets in RAM until the issues are fixed in future generations of SDRAM chips and CPUs.
A botnet is a collection of internet-connected devices that an attacker has compromised. Botnets act as a force multiplier for individual attackers, cyber-criminal groups and nation-states looking to disrupt or break into their targets’ systems. Commonly used in distributed denial of service (DDoS) attacks, botnets can also take advantage of their collective computing power to send large volumes of spam, steal credentials at scale, or spy on people and organizations.
There is a new cryptocurrency-mining botnet that arrives via open ADB (android Debug Bridge) ports and can spread via SSH, according to Trend Micro.
A new report of the investigation into the $530 million hack that ruined Japanese cryptocurrency exchange Coincheck in January 2018 states that Russian, not North Korean, actors may have been behind the attack.
Eagle-eyed researchers from streaming titan Netflix have uncovered several troubling security vulnerabilities within the TCP implementations on Linux and FreeBSD kernels. The most severe specimen, called SACK Panic, could permit an attacker to remotely induce a kernel panic within recent Linux operating systems.
Researchers have spotted a major new cyber-attack campaign targeting millions of Linux email servers around the world with a cryptomining malware payload.
ASCO, one of the world's largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium.
Security expert Armin Razmjou recently detected a high-risk arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim.
If you're a cryptocurrency startup, would you face a huge backlash by hacking your own customers to keep their funds safe if you know that a hacker is about to launch an attack and steal their funds?
Fresh off dealing with chaos caused by last month's ransomware attack, the city of Baltimore has a new problem to deal with -- the $18 million in damages that came with it.
When Intel and a group of security researchers revealed the existence of new security flaws in older generations of the company’s microchips in May, the news came with a particularly troubling detail: it took over a year to get a solution for one of the flaws in place.
A massive data breach has struck Quest Diagnostics and the information of up to 11.9 million patients has potentially been compromised.
There are lots of books on tools and techniques to secure software containers, but what happens when someone discovers a basic architectural flaw? And what do you do when there’s no working patch for it?
The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns.
As a forewarning to those using LVM, dm-crypt, and Samsung solid-state drives, this combination in some manner(s) may lead to data corruption if using the Linux 5.1 kernel.
Equifax has incurred losses so far of over $1.35bn from a devastating 2017 breach which affected more than half of all Americans and millions of UK consumers, the firm revealed in its latest financials.