Security News

Security researchers at AT&T's Alien Labs have identified multiple malware attacks leveraging the Ezuri memory loader to execute payloads without writing them to disk. Executed directly in memory, without leaving traces on disk, fileless malware is commonly used in attacks targeting Windows systems, but isn't often seen in malware attacks targeting Linux.

Multiple malware authors are using the "Ezuri" crypter and memory loader to make their code undetectable to antivirus products. According to a report released by AT&T Alien Labs, multiple threat actors are using Ezuri crypter to pack their malware and evade antivirus detection.

Adding a user with admin privileges on Linux is easier than you think. Jack Wallen shows you how.

Microsoft now allows users of the Windows Subsystem for Linux to run commands automatically on WSL distribution startup. WSL is a compatibility layer designed by Microsoft to makes it possible for Windows 10 to run Linux binaries in ELF format natively on Windows computers.

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. The C2 server is used to host the bash or PowerShell dropper script, a Golang-based binary worm, and the XMRig miner deployed to surreptitiously mine for untraceable Monero cryptocurrency on infected devices.

Jack Wallen explains why he's not worried that the rise in popularity of the Linux operating system will mean your open source platforms will be vulnerable to attacks. Linux powers big business-of that there is no debate.

Jack Wallen explains why he's not worried that the rise in popularity of the Linux operating system will mean your open source platforms will be vulnerable to attacks.

Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. The new trojan, dubbed PyMICROPSIA by Unit 42, was discovered while investigating AridViper activity, a group of Arabic speaking cyberspies focusing their attacks on Middle Eastern targets since at least 2011. While PyMICROPSIA is a Python-based malware that specifically targets Windows systems using a Windows binary generated using PyInstaller, Unit 42 has also found code snippets showing that its creators are potentially working on adding multi-platform support.

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called "Gitpaste-12," which used GitHub to host malicious code containing as many as 12 known attack modules that are executed via commands downloaded from a Pastebin URL. The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020.

FireEye breach: State-sponsored attackers stole hacking toolsU.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed. Key cybersecurity problems expected to mark 2021After a year in which COVID-19 upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to ESET. How Kali Linux creators plan to handle the future of penetration testingOffensive Security might best known as the company behind Kali Linux, the popular open-source pen testing platform, but its contribution to the information security industry is definitely not limited to it.