Security News

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices
2021-10-22 21:24

Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question - named okhsa, klow, and klown - were published by the same developer and falsely claimed to be JavaScript-based user-agent string parsers designed to extract hardware specifics from the "User-Agent" HTTP header.

Crims target telcos' Linux and Solaris boxes, which don't get enough infosec love
2021-10-20 05:40

Security vendor CrowdStrike claims it's spotted the group and that it "has been consistently targeting the telecommunications sector at a global scale since at least 2016 to retrieve highly specific information from mobile communication infrastructure, such as subscriber information and call metadata." The gang appears to understand telco operations well enough to surf the carrier-to-carrier links that enable mobile roaming, across borders and between carriers, to spread its payloads. Whatever the group is called, the pair write that it "employs significant operational security measures, primarily establishing implants across Linux and Solaris servers, with a particular focus on specific telecommunications systems, and only interacting with Windows systems as needed."

Windows 10, Linux, iOS, Chrome and Many Others at Hacked Tianfu Cup 2021
2021-10-17 23:50

Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China. The Chinese version of Pwn2Own was started in 2018 in the wake of government regulation in the country that barred security researchers from participating in international hacking competitions because of national security concerns.

Microsoft releases Linux version of the Windows Sysmon tool
2021-10-14 17:44

Microsoft has released a Linux version of the very popular Sysmon system monitoring utility for Windows, allowing Linux administrators to monitor devices for malicious activity. Today, Microsoft's Mark Russinovich, a cofounder of the Sysinternals utility suite, announced that Microsoft had released Sysmon for Linux as an open-source project on GitHub.

Researchers Warn of FontOnLake Rootkit Malware Targeting Linux Systems
2021-10-10 19:58

Cybersecurity researchers have detailed a new campaign that likely targets entities in Southeast Asia with a previously unrecognized Linux malware that's engineered to enable remote access to its operators, in addition to amassing credentials and functioning as a proxy server. The malware family, dubbed "FontOnLake" by Slovak cybersecurity firm ESET, is said to feature "well-designed modules" that are continuously being upgraded with new features, indicating an active development phase.

FontOnLake malware infects Linux systems via trojanized utilities
2021-10-10 17:16

A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. FontOnLake has multiple modules that interact with one another and enable communication with malware operators, stealing sensitive data, and staying hidden on the system.

How to install the Nessus vulnerability scanner on Rocky Linux
2021-09-30 19:05

If you're looking for one of the best vulnerability scanners on the market, Nessus might be the ticket. Nessus is a very popular vulnerability scanner used by tens of thousands of organizations across the globe.

RansomExx ransomware Linux encryptor may damage victims' files
2021-09-30 13:00

Cybersecurity firm Profero has discovered that the RansomExx gang does not correctly lock Linux files during encryption, leading to potentially corrupted files. In a new report by Profero, Senior Incident Responder Brenton Morris says the RansomEXX decryptor was failing on various files encrypted by the threat actor's Linux VMware ESXi encryptor for one of the victims who paid the ransom.

How to create Let's Encrypt SSL certificates with acme.sh on Linux
2021-09-23 19:34

Issuing and installing SSL certificates doesn't have to be a challenge, especially when there are tools like acme.sh. Installing SSL certificates isn't difficult, but it's a process every Linux administrator will have to take on at some point in their career.

Week in review: Kali Linux 2021.3, how to avoid cloud configuration breaches, hybrid digital dexterity
2021-09-19 08:00

Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more! Offensive Security has released Kali Linux 2021.3, the latest version of its popular open source penetration testing platform.

Third-party cloud providers: Expanding the attack surface. In this interview with Help Net Security, Fred Kneip, CEO at CyberGRX, talks about the lack of visibility into third-party risk, how to address this issue, and what companies should consider when choosing the right cloud provider.