Security News

New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users
2022-01-12 20:13

A new cross-platform backdoor called "SysJoker" has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that's believed to have been initiated during the second half of 2021. "SysJoker masquerades as a system update and generates its by decoding a string retrieved from a text file hosted on Google Drive," Intezer researchers Avigayil Mechtinger, Ryan Robinson, and Nicole Fishbein noted in a technical write-up publicizing their findings.

New SysJoker backdoor targets Windows, macOS, and Linux
2022-01-11 15:04

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

New SysJocker backdoor targets Windows, macOS, and Linux
2022-01-11 15:04

A new multi-platform backdoor malware named 'SysJocker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS
2022-01-11 15:00

Dubbed SysJoker by Intezer, the backdoor is used for establishing initial access on a target machine. A possible attack vector for SysJoker is an infected npm package, according to Intezer's analysis - an increasingly popular vector for dropping malware on targets.

Linux version of AvosLocker ransomware targets VMware ESXi servers
2022-01-10 21:09

AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. While we couldn't find what targets were targeted using this AvosLocker ransomware Linux variant, BleepingComputer knows of at least one victim that got hit with a $1 million ransom demand.

Linux Mint 20.3 released promising security updates until 2025
2022-01-10 16:43

Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025. Long-term support releases are for those who favor stability over bleeding-edge software and experimental features, so Linux Mint 20.3 is ideal for those who want to keep the same system without significant changes for years.

TellYouThePass ransomware revived in Linux, Windows Log4j attacks
2021-12-17 20:25

Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. KnownSec 404 Team's Heige first reported these attacks on Twitter on Monday after observing that the ransomware was dropped on old Windows systems using exploits targeting the flaw tracked as CVE-2021-44228 and known as Log4Shell.

Kodachi is the operating system for those who value privacy but don't want to learn Linux
2021-12-15 16:20

For anyone looking to gain an extra layer of privacy on a desktop or laptop, Kodachi Linux might be the perfect option. Do you veer toward the over-cautious when it comes to your privacy? Do you loathe the idea that you're being tracked by third-party cookies, and standard browsers and operating systems aren't capable of doing enough to keep you safe? At the same time, are you too busy to learn a new operating system?

How to test if your Linux server is vulnerable to Log4j
2021-12-14 16:24

Here's a single command you can run to test and see if you have any vulnerable packages installed. Are you using it as part of a Java project, is it rolled into a container, did you install it with your distribution package manager, and which log4j packages did you install? Or did you install it from source? Because of this, you might not even know if your server is vulnerable.

Week in review: Apache Log4j 0day exploited, Kali Linux 2021.4 released, Patch Tuesday forecast
2021-12-12 09:00

Critical RCE 0day in Apache Log4j library exploited in the wildA critical zero-day vulnerability in Apache Log4j, a widely used Java logging library, is being leveraged by attackers in the wild.Kali Linux 2021.4 released: Wider Samba compatibility, The Social-Engineer Toolkit, new tools, and more!Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: wider Samba compatibility, switching package manager mirrors, enhanced Apple M1 support, Kaboxer theming, updates to Xfce, GNOME and KDE, Raspberry Pi Zero 2 W + USBArmory MkII ARM images, as well as new tools.