Security News

These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by NPM yesterday. Although the malicious packages were spotted and removed by NPM, I was able to dig into Sonatype's automated malware detection system archives to obtain copies of their source code, as it had existed on NPM downloads.

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws - collectively called BleedingTooth - reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information. The most severe of these flaws is CVE-2020-12351, a heap-based type confusion that affects Linux kernel 4.8 and higher.

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under GNU General Public License, features the BlueZ kernel that has been part of the official Linux kernel since version 2.4.6.

Microsoft Linux is the next evolution of the Microsoft desktop operating system, argues Jack Wallen. It makes sense, especially given how hard Microsoft is working on Windows Subsystem for Linux, but from everything I've witnessed over the last few years, I think there's a conclusion to be drawn that makes even more sense for Microsoft.

While the spyware previously targeted Windows, iOS and Android users, researchers have discovered these campaigns using new variants that target macOS and Linux users. These samples include "Jabuka.app," a FinSpy variant for macOS, and "PDF," a FinSpy variant for Linux.

Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. According to the human rights organization Amnesty International, the newly discovered campaign is not linked to 'NilePhish,' a hacking group known for attacking Egyptian NGOs in a series of attacks, involving an older version of FinSpy, phishing technique, and malicious Flash Player downloads.

Looking for an easy to use encryption tool to protect data on your Linux servers? Jack Wallen shows you how to install and use gocryptfs to serve that very purpose. The gocryptfs tool allows you to encrypt only the directories you need.

Red Hat Enterprise Linux has further solidified itself as a platform of choice for users requiring more secure computing, with Red Hat Enterprise Linux 7.6 achieving Common Criteria Certification as well as Commercial Solutions for Classified Status. For Common Criteria, Red Hat Enterprise Linux 7.6 was certified by the National Information Assurance Partnership, with testing and validation completed by Acumen Security, a U.S. government-accredited laboratory.

Want to hide files and folders from your Linux desktop file manager? Jack Wallen shows you one handy method.