Security News
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord serverOffensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Cisco has been hacked by a ransomware gangU.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site.
A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems. Infection chains leverage a chat application called MiMi, with its installer files compromised to download and install HyperBro samples for the Windows operating system and rshell artifacts for Linux and macOS. As many as 13 different entities located in Taiwan and the Philippines have been at the receiving end of the attacks, eight of whom have been hit with rshell.
Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor that can be used to steal data from Linux and macOS systems. SEKOIA's Threat & Detection Research Team says that the app's macOS 2.3.0 version has been backdoored for almost four months, since May 26, 2022.
The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333, the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.
Why? GitLab explained: "Due to Microsoft Windows' dominance in desktop operating systems, Windows is the platform most targeted by spyware, viruses, and ransomware." Windows' security mess has never been just because Windows is more popular.
Offensive Security has released Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support. With this release, Kali Linux is using Linux Kernel 5.18.5.
Offensive Security has released Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support. With this release, Kali Linux is using Linux Kernel 5.18.5.
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. The Kali Team knows the importance of practicing instead of relying on theory, and for infosecurity professionals, test labs are a way to test tools and hone their own skills in a legal environment.
"This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai," Fortinet FortiGuard Labs said in a report. The malware, which gets its name from an embedded URL to a YouTube rap music video in an earlier version, is said to have amassed a growing collection of compromised SSH servers, with over 3,500 unique IP addresses used to scan and brute-force their way into the servers.
A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. On Wednesday, Korean cybersecurity experts at Ahnlab published a report on the Windows encryptor, and yesterday, security researchers at ReversingLabs published their technical analysis of the Linux version.