REMnux is a popular Linux-based toolkit for reverse-engineering malicious software, which malware analysts have been relying on for more than 10 years to help them quickly investigate suspicious programs, websites, and document files. As the security industry matures, it becomes harder to keep track of all the tools that are available to assist with the…

Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. Microsoft Defender Advanced Threat Protection is designed to help enterprises prevent, detect, investigate, and respond to advanced cyber threats on company endpoints from one central point. Microsoft Defender ATP for Linux: Microsoft Defender ATP initially offered protection…

Most wanted malware in January 2019: A new threat speaks up

Check Point’s Global Threat Index for January 2019 reveals a new backdoor Trojan affecting Linux servers, which is distributing the XMRig crypto-miner. The new malware, dubbed SpeakUp, is capable of delivering any payload and executing it on compromised machines. The new Trojan currently evades all security vendors’ anti-virus software. It has been propagated through a…

Code Execution Vulnerability Impacts Linux Package Manager

Tracked as CVE-2019-3462, the software bug could be exploited by hackers able to perform network man-in-the-middle (MitM) attacks to inject content and have it executed on the target machine with root privileges. Malicious package mirrors can also exploit the bug. “The code handling HTTP redirects in the HTTP transport method doesn’t properly sanitize fields transmitted…

Ubuntu 17.10 brings enhanced security and productivity for developers

Canonical released Ubuntu 17.10 featuring a new GNOME desktop on Wayland, and new versions of KDE, MATE and Budgie. On the cloud, 17.10 brings Kubernetes 1.8 for hyper-elastic container operations, and minimal base images for containers. Enhanced security and productivity for developers: The Atom editor and Microsoft Visual Studio Code are emerging as the new wave of…

Billions of Bluetooth-enabled devices vulnerable to new airborne attacks

Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices. The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a…

Easy-to-exploit rooting flaw puts Linux computers at risk

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that’s already being exploited in the wild and poses a serious risk to servers, desktops and other devices that run the OS. The vulnerability, tracked as CVE-2016-5195, has existed in the Linux kernel for the past nine years. This means that many…