Security News
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware. BleepingComputer has also contacted the vendor of Free Download Manager for a comment, but we haven't heard back by publication time.
Linux is a powerful and customizable operating system that has been the backbone of many businesses for decades. This policy from TechRepublic Premium provides guidelines for securing Linux on...
Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. Besides updates to current tools, new versions of Kali typically introduce fresh tools.
Kali Linux 2023.3, the third version of 2023, is now available for download, with nine new tools and internal optimizations. Kali Linux is a Linux distribution created for ethical hackers and cybersecurity professionals to perform penetration testing, security audits, and research against networks.
How to Quickly Give Users sudo Privileges in Linux: If you have users that need certain admin privileges on your Linux machines, here's a walk-through of the process for granting full or specific rights. How many times have you created a new user on a Linux machine, only to find out that new user doesn't have sudo privileges? Without the ability to use sudo, that user is limited in what they can do.
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down its operations, deliberately imitating the tactics and tools associated with the latter, including its leaked source code.
The Monti ransomware gang has returned, after a two-month break from publishing victims on their data leak site, using a new Linux locker to target VMware ESXi servers, legal, and government organizations. Researchers at Trend Micro analyzing the new encryption tool from Monti found that it has "significant deviations from its other Linux-based predecessors."
Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week.
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center said in a report published this week.
The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise. With VMware ESXi being one of the most popular virtual machine platforms, almost every ransomware gang has begun to release Linux encryptors to encrypt all virtual servers on a device.