Security News

Another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems. PyPI is a repository of open-source packages that developers can use to share their work or benefit from the work of others, downloading the functional libraries required for their projects.

A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use of XOR-based encryption for communications with its command-and-control server, is known to have been active since at least 2014.

A stealthy and modular malware used to hack into Linux devices and build a DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealed today. XorDDoS is known for targeting a multitude of Linux system architectures, from ARM to x64, and compromising vulnerable ones in SSH brute-force attacks.

The rules of Pwn2Own are somewhat strange, given that some entrants may end up not actually competing at all. The Tesla hackers, plus the browser and virtualisation entrants, will all definitely get a turn, because they're the only competitors in their categories.

The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft. The strain, which Microsoft's Security Intelligence team calls Sysrv-K, scans the internet for web servers that have security holes, such as path traversal, remote file disclosure, and arbitrary file download bugs, that can be exploited to infect the machines.

Unpatched vulnerabilities in the Spring Framework and WordPress plugins are being exploited by cybercriminals behind the Sysrv botnet to target Linux and Windows systems. The botnet variant is being called Sysrv-K by Microsoft Security Intelligence researchers that posted a thread on Twitter revealing details of the botnet variant.

Offensive Security has released Kali Linux 2022.2, the latest version of its popular penetration testing and digital forensics platform.There are a number of tweaks included in Kali for ARM, especially in the Raspberry Pi image.

Microsoft is warning of a new variant of the srv botnet that's exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers.

Kali Linux is a Linux distribution for cybersecurity professionals and ethical hackers to perform penetration testing, security audits, and research against internal and remote networks. "The shell theme now includes a more modern look, removing the arrows from the pop-up menus and using more rounded edges. In addition, we've upgraded and tweaked the dash-to-dock extension, making it integrate better with the new look and fixing some bugs," the Kali Team explains in a new blog post.

Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. "The new variant, which we call Sysrv-K, sports additional exploits and can gain control of web servers" by exploiting various vulnerabilities, the Microsoft Security Intelligence team said in a Twitter thread. "These vulnerabilities, which have all been addressed by security updates, include old vulnerabilities in WordPress plugins, as well as newer vulnerabilities like CVE-2022-22947."