Security News

Offensive Security has released Kali Linux 2022.4, the latest version of its popular penetration testing and digital forensics platform. Aside from updates to existing tools, a new Kali version always delivers new tools.

Hackers are abusing the open-source Linux PRoot utility in BYOF attacks to provide a consistent repository of malicious tools that work on many Linux distributions. A Bring Your Own Filesystem attack is when threat actors create a malicious filesystem on their own devices that contain a standard set of tools used to conduct attacks.

Microsoft announced today that the Store version of Windows Subsystem for Linux is generally available for Windows 10 and 11 customers. Following customer requests, all Windows 10 users can now use Linux GUI apps after updating to the Microsoft Store version.

BYOD policies have made enterprise networks more diverse, and devices that used to only be connected to corporate networks are now likely on the internet as well. "You have to think of everything that runs software or code in your network as you do threat modeling for your network, and then have a plan in place," Ganacharya said.

5 Kali Linux tools you should learn how to useKali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. Stop audience hijacking and defend against redirection to malicious websitesIn this Help Net Security video, Patrick Sullivan, CTO of Security Strategy at Akamai, talks about the threat of audience hijacking and offers protection tips.

Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. Kali Linux also comes with several hundred specialized tools for carrying out penetration testing, security research, computer forensics, reverse engineering, vulnerability management, and red team testing.

Webinar Linux has come a long way from the early days of 1991 when the Linux kernel grew out of a student project. Today, it has arguably progressed to be the standard operating system for developing and running workloads in the cloud.

OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. Group-IB researchers have been tracking OldGremlin and their tactics, techniques, and procedures since the first attacks attributed to the group in March 2020.

New Alchimist attack framework hits Windows, Linux and Mac. During initialization, all its content is placed in hard coded folders, namely /tmp/Res for the web interface, HTML files and more folders, and /tmp/Res/Payload for its payloads for Windows and Linux operating systems.

A previously undocumented command-and-control framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode execution, and run arbitrary commands," Cisco Talos said in a report shared with The Hacker News.