Security News

Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware
2024-03-17 09:00

Transitioning to memory-safe languages: Challenges and considerationsIn this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation, discusses the evolution of memory-safe programming languages and their emergence in response to the limitations of languages like C and C++. LastPass' CIO vision for driving business strategy, innovationRecently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. MobSF: Open-source security research platform for mobile appsThe Mobile Security Framework is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile.

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
2024-03-12 08:55

A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Magnet Goblin - as the threat actor has been dubbed by Check Point researchers - has been targeting unpatched edge devices and public-facing servers for years.

Magnet Goblin hackers use 1-day flaws to drop custom Linux malware
2024-03-09 15:08

A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems. Check Point analysts who identified Magnet Goblin report that these threat actors are quick to exploit newly disclosed vulnerabilities, in some cases exploiting flaws a day after a PoC exploit is released.

Stealthy GTPDOOR Linux malware targets mobile operator networks
2024-03-03 15:16

Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks. The GRX is a component of mobile telecommunications that facilitates data roaming services across different geographical areas and networks.

New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
2024-03-01 10:56

Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of...

New Bifrost malware for Linux mimics VMware domain for evasion
2024-02-29 21:36

A new Linux variant of the Bifrost remote access trojan employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. The analysis of the latest Bitfrost samples by Unit 42 researchers has uncovered several interesting updates that enhance the malware's operational and evasion capabilities.

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
2024-02-29 11:33

Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the...

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels
2024-02-29 10:20

OffSec has released Kali Linux 2024.1, the latest version of its popular penetration testing and digital forensics platform.The new version comes with new tools, a fresh look, a new image viewer for the Gnome desktop and a usability enhancement to the Xfce desktop, and updates for the Kali NetHunter mobile pentesting platform.

Kali Linux 2024.1 released with 4 new tools, UI refresh
2024-02-28 19:47

Kali Linux has released version 2024.1, the first version of 2024, with four new tools, a theme refresh, and desktop changes. [...]

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
2024-02-21 16:16

Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a...