Security News

The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform. With VMware ESXi being the most popular virtual machine platform, almost every enterprise-targeting ransomware operation has begun to release encryptors that specifically target its virtual machines.

You'll also learn why disabling the Linux login banner helps make your Linux servers more secure.

Google's open security team has claimed the Linux kernel code is not good enough, with nearly 100 new fixes every week, and that at least 100 more engineers are needed to work on it. Kees Cook, a Google software engineer who has devoted much of his time to security features in the Linux kernel, has posted about continuing problems in the kernel which he said have insufficient focus.

Jack Wallen walks you through the steps to join Ubuntu Desktop to Active Directory domains.

Jack Wallen teaches you how to use simple bash scripts to automate backing up your VirtualBox VMs.

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF that can give an attacker increased privileges on Ubuntu machines. eBPF is a technology that enables user-supplied programs to run sandboxed inside the operating system's kernel, triggered by a specific event or function.

An infamous cross-platform crypto-mining malware has continued to refine and improve upon its techniques to strike both Windows and Linux operating systems by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns. "LemonDuck, an actively updated and robust malware that's primarily known for its botnet and cryptocurrency mining objectives, followed the same trajectory when it adopted more sophisticated behavior and escalated its operations," Microsoft said in a technical write-up published last week.

Evasive techniques used by attackers, date back to the earlier days, when base64 and other common encoding schemes were used. In this report, we highlight those common defense evasion techniques, which are common in malicious Linux shell scripts.

Microsoft's Windows 10 and the upcoming Windows 11 versions have been found vulnerable to a new local privilege escalation vulnerability that permits users with low-level permissions access Windows system files, in turn, enabling them to unmask the operating system installation password and even decrypt private keys. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," the Windows makers noted.

Recent builds of Windows 10, and the preview of Windows 11, have a misconfigured access control list for the Security Account Manager, SYSTEM, and SECURITY registry hive files. You may think you're safe because your Windows PC doesn't have a suitable VSS shadow copy, yet there are ways to end up quietly creating one and put your machine at risk.