Security News

With FDE, everything gets encrypted, including unused parts of the disk, deleted sectors, filenames, swapfile data, the apps you're using, the operating system files you've installed, and even the disk space you've deliberately zeroed out to forcibly overwrite what was there before. Did you use the right cryptographic algorithm? Did you generate the encryption keys reliably? Did you handle the issue of data integrity properly? Can you change passwords safely and quickly? How easy is it to lock yourself out by mistake? What if you want to adjust the encryption parameters as your corporate policies evolve?

A new cross-platform backdoor called "SysJoker" has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that's believed to have been initiated during the second half of 2021. "SysJoker masquerades as a system update and generates its by decoding a string retrieved from a text file hosted on Google Drive," Intezer researchers Avigayil Mechtinger, Ryan Robinson, and Nicole Fishbein noted in a technical write-up publicizing their findings.

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

A new multi-platform backdoor malware named 'SysJocker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

Dubbed SysJoker by Intezer, the backdoor is used for establishing initial access on a target machine. A possible attack vector for SysJoker is an infected npm package, according to Intezer's analysis - an increasingly popular vector for dropping malware on targets.

AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. While we couldn't find what targets were targeted using this AvosLocker ransomware Linux variant, BleepingComputer knows of at least one victim that got hit with a $1 million ransom demand.

Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025. Long-term support releases are for those who favor stability over bleeding-edge software and experimental features, so Linux Mint 20.3 is ideal for those who want to keep the same system without significant changes for years.

Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. KnownSec 404 Team's Heige first reported these attacks on Twitter on Monday after observing that the ransomware was dropped on old Windows systems using exploits targeting the flaw tracked as CVE-2021-44228 and known as Log4Shell.

For anyone looking to gain an extra layer of privacy on a desktop or laptop, Kodachi Linux might be the perfect option. Do you veer toward the over-cautious when it comes to your privacy? Do you loathe the idea that you're being tracked by third-party cookies, and standard browsers and operating systems aren't capable of doing enough to keep you safe? At the same time, are you too busy to learn a new operating system?

Here's a single command you can run to test and see if you have any vulnerable packages installed. Are you using it as part of a Java project, is it rolled into a container, did you install it with your distribution package manager, and which log4j packages did you install? Or did you install it from source? Because of this, you might not even know if your server is vulnerable.