Security News

Linux malware authors use Ezuri Golang crypter for zero detection
2021-01-07 06:00

Multiple malware authors are using the "Ezuri" crypter and memory loader to make their code undetectable to antivirus products. According to a report released by AT&T Alien Labs, multiple threat actors are using Ezuri crypter to pack their malware and evade antivirus detection.

Linux: How to create a new user with admin privileges
2021-01-06 18:36

Adding a user with admin privileges on Linux is easier than you think. Jack Wallen shows you how.

Windows 10 WSL now can run Linux commands on startup
2021-01-06 17:07

Microsoft now allows users of the Windows Subsystem for Linux to run commands automatically on WSL distribution startup. WSL is a compatibility layer designed by Microsoft that makes it possible for Windows 10 to run Linux binaries in ELF format natively on Windows computers.

New worm turns Windows, Linux servers into Monero miners
2020-12-30 09:40

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. The C2 server is used to host the bash or PowerShell dropper script, a Golang-based binary worm, and the XMRig miner deployed to surreptitiously mine for untraceable Monero cryptocurrency on infected devices.

Why I'm not concerned about the rise in Linux attacks
2020-12-15 18:01

Jack Wallen explains why he's not worried that the rise in popularity of the Linux operating system will mean your open source platforms will be vulnerable to attacks. Linux powers big business; of that there is no debate.

Linux attacks are rising: Why I'm not concerned
2020-12-15 17:57

Jack Wallen explains why he's not worried that the rise in popularity of the Linux operating system will mean your open source platforms will be vulnerable to attacks.

New Windows malware may soon target Linux, macOS devices
2020-12-15 13:50

Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. The new trojan, dubbed PyMICROPSIA by Unit 42, was discovered while investigating AridViper activity, a group of Arabic speaking cyberspies focusing their attacks on Middle Eastern targets since at least 2011. While PyMICROPSIA is a Python-based malware that specifically targets Windows systems using a Windows binary generated using PyInstaller, Unit 42 has also found code snippets showing that its creators are potentially working on adding multi-platform support.

Wormable Gitpaste-12 Botnet Returns to Target Linux Servers, IoT Devices
2020-12-15 03:18

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called "Gitpaste-12," which used GitHub to host malicious code containing as many as 12 known attack modules that are executed via commands downloaded from a Pastebin URL. The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020.

Week in review: FireEye breach, vulnerable TCP/IP stacks, Kali Linux and the future of pentesting
2020-12-13 08:00

FireEye breach: State-sponsored attackers stole hacking tools
U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed.

Key cybersecurity problems expected to mark 2021
After a year in which COVID-19 upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to ESET.

How Kali Linux creators plan to handle the future of penetration testing
Offensive Security might be best known as the company behind Kali Linux, the popular open-source pen testing platform, but its contribution to the information security industry is definitely not limited to it.

TTTech Industrial launches commercial product based on the Linux Foundation’s ACRN hypervisor
2020-12-11 01:00

TTTech Industrial is launching the first commercial product based on the Linux Foundation's ACRN hypervisor for the industrial market. With the latest release of its Nerve Blue industrial edge computing platform, TTTech Industrial is making ACRN 2.0 available to customers in a commercial, fully supported software solution that runs on a variety of Intel processors in an array of industrial applications.