Security News

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)
2021-01-27 09:53

A vulnerability in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged local user to gain root privileges on a vulnerable host. "This vulnerability is perhaps the most significant sudo vulnerability in recent memory and has been hiding in plain sight for nearly 10 years," said Mehul Revankar, Vice President Product Management and Engineering, Qualys, VMDR, and noted that there are likely to be millions of assets susceptible to it.

CloudLinux expands its Extended Lifecycle Support services for Linux distributions
2021-01-27 01:00

CloudLinux announces the expansion of its affordable Extended Lifecycle Support services for Linux distributions, by providing its own updates and security patches for several years after expiration of the products' end-of-life date. Oracle Linux 6 Extended Lifecycle Support service will be available starting in February 2021 and will extend to February 2025.

Decade-old bug in Linux world's sudo can be abused by any logged-in user to gain root privileges
2021-01-26 21:12

Security researchers from Qualys have identified a critical heap buffer overflow vulnerability in sudo that can be exploited by rogue users to take over the host system. Sudo is an open-source command-line utility widely used on Linux and other Unix-flavored operating systems.

New Linux SUDO flaw lets local users gain root privileges
2021-01-26 19:39

A now-fixed Sudo vulnerability allowed any local user to gain root privileges on Unix-like operating systems without requiring authentication. Sudo is a Unix program that enables system admins to provide limited root privileges to normal users listed in the sudoers file, while at the same time keeping a log of their activity.

How to check for and stop DDoS attacks on Linux
2021-01-21 18:20

Jack Wallen walks you through some of the steps you can take to check for and mitigate distributed denial of service attacks on a Linux server. Recently I wrote a piece on how to detect and stop a DoS attack on Linux.

SSH keys: How to view in Linux, macOS, and Windows
2021-01-21 16:17

If you're not sure how to view your SSH certificates, Jack Wallen walks you through the steps on Linux, macOS, and Windows.

New 'FreakOut' Malware Ensnares Linux Devices Into Botnet
2021-01-20 13:12

A recently identified piece of malware is targeting Linux devices to ensnare them into a botnet capable of malicious activities such as distributed denial of service and crypto-mining attacks. Dubbed FreakOut, the malware is infecting devices that haven't yet received patches for three relatively new vulnerabilities, including one that was made public earlier this month.

Linux Devices Under Attack by New FreakOut Malware
2021-01-19 15:51

Researchers are warning a novel malware variant is targeting Linux devices, in order to add endpoints to a botnet to then be utilized in distributed-denial-of-service attacks and cryptomining. It is actively adding infected Linux devices to a botnet, and has the ability to launch DDoS and network flooding attacks, as well as cryptomining activity.

Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoning
2021-01-19 12:32

Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. "Some of the bigger users of Dnsmasq are Android/Google, Comcast, Cisco, Red Hat, Netgear, and Ubiquiti, but there are many more. All major Linux distributions offer Dnsmasq as a package, but some use it more than others, e.g., in OpenWRT it is used a lot, Red Hat use it as part of their virtualization platforms, Google uses it for Android hotspots, while, for example Ubuntu just has it as an optional package," Shlomi Oberman, CEO and researcher at JSOF, told Help Net Security.

FreakOut malware exploits critical bugs to infect Linux hosts
2021-01-19 07:48

An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that is powering network-attached storage devices or for developing web applications and portals. The purpose is to infect machines with vulnerable versions of the popular TerraMaster operating system, the Zend Framework, or Liferay Portal with FreakOut malware, which can help deploy a wide variety of cyberattacks.