Security News
A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called "Gitpaste-12," which used GitHub to host malicious code containing as many as 12 known attack modules that are executed via commands downloaded from a Pastebin URL. The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020.
FireEye breach: State-sponsored attackers stole hacking toolsU.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed. Key cybersecurity problems expected to mark 2021After a year in which COVID-19 upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to ESET. How Kali Linux creators plan to handle the future of penetration testingOffensive Security might best known as the company behind Kali Linux, the popular open-source pen testing platform, but its contribution to the information security industry is definitely not limited to it.
TTTech Industrial is launching the first commercial product based on the Linux Foundation's ACRN hypervisor for the industrial market. With the latest release of its Nerve Blue industrial edge computing platform, TTTech Industrial is making ACRN 2.0 available to customers in a commercial, fully supported software solution that runs on a variety of Intel processors in an array of industrial applications.
Offensive Security might best known as the company behind Kali Linux, the popular open-source pen testing platform, but its contribution to the information security industry is definitely not limited to it. Updated its most popular training and certification courses, including Penetration Testing with Kali Linux and Advanced Web Attacks and Exploitation.
Today, the Linux Foundation announced a cloud-native identity and access management software platform that prioritizes security and performance, the Janssen Project, which is based on the Gluu server and features signing and encryption functionalities. The Linux Foundation, a nonprofit organization enabling innovation through open source, also announced the Janssen Project Technical Steering Committee, which is comprised of engineers from IDEMIA, F5, BioID, Couchbase, and Gluu.
If you've purchased a FEITIAN FIDO2 device and can't seem to get it working with Linux, Jack Wallen shows you how. That's fundamentally how FIDO2 works, and there are plenty of companies that make such devices.
If you've had files deleted by a hacker or you've accidentally removed them, Jack Wallen shows you how to recover that missing data with a handy tool called testdisk.
An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonly used program on Linux servers, and is a new version of the malware belonging to a threat actor tracked as Stantinko.
Kali Linux 2020.4 released: New default shell, fresh tools, and more!Offensive Security has released Kali Linux 2020.4, the latest version of its popular open source penetration testing platform. Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCsCisco has patched two vulnerabilities in its Cisco Security Manager solution, both of which could allow unauthenticated, remote attackers to gain access to sensitive information on an affected system.
Looking for an easy to use encryption tool to protect data on your Linux servers? Jack Wallen shows you how to install and use gocryptfs to serve that very purpose.