Security News

Kali Linux 2023.4 released with GNOME 45 and 15 new tools
2023-12-05 19:11

Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and the GNOME 45 desktop environment. With this final release of 2023, the Kali Team says there are not many new features added to the core operating system, but they did bundle fifteen new tools, and the distro now ships with the GNOME 45 desktop environment.

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more!
2023-12-05 18:18

OffSec has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform. Enum4linux-ng: next generation version of enum4linux with additional features; exiflooter: finds geolocation info on all image URLs and directories.

Linux version of Qilin ransomware focuses on VMware ESXi
2023-12-03 21:07

A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date. Last month, security researcher MalwareHunterTeam found a Linux ELF64 encryptor for the Qilin ransomware gang and shared it with BleepingComputer to analyze.

CISA orders federal agencies to patch Looney Tunables Linux bug
2023-11-21 17:56

Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions. CISA also added the actively exploited Linux flaw to its Known Exploited Vulnerabilities Catalog today, including it in its list of "Frequent attack vectors for malicious cyber actors" and posing "Significant risks to the federal enterprise."

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
2023-11-21 10:00

The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing...

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs
2023-11-14 20:34

A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution. This new attack exploits flaws in AMD's Secure Encrypted Virtualization-Encrypted State and Secure Encrypted Virtualization-Secure Nested Paging tech designed to protect against malicious hypervisors and reduce the attack surface of VMs by encrypting VM data and blocking attempts to alter it in any way.

Israel warns of BiBi wiper attacks targeting Linux and Windows
2023-11-13 16:53

Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems. A Linux version of the BiBi wiper was seen in late October by researchers at cybersecurity companies ESET and SecurityJoes, who noted that it was launched by pro-Hamas hacktivists.

Uphold Linux systems’ performance and availability in Azure
2023-11-08 04:00

That's why we've partnered with the Microsoft Azure team to test CIS Hardened Images for Linux using Azure Monitor Agent. For context, Azure Monitor is a service that helps you evaluate the availability and performance of your applications and services in Microsoft Azure.

Hackers exploit Looney Tunables Linux bug, steal cloud creds
2023-11-06 20:26

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. In a report from cloud security company Aqua Nautilus, researchers describe a Kinsing malware attack where the threat actor exploited CVE-2023-4911 to elevate permissions on a compromised machine.

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
2023-11-03 13:12

The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign"...