Security News

Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren't sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot's authors have moved portions of their code to Linux in an attempt to widen the scope of victims that could be targeted.

Adding a user with admin privileges on Linux is easier than you think. Problem is, when you create a new user, that user doesn't have admin privileges.

The popular password manager 1Password is now available for Linux users in beta version. Pegged for an official release in early 2021, the Linux release for 1Password - which has been used by Windows and Mac users for years - offers a "Full-featured desktop app" where users can securely manage and store passwords and other important credentials, such as credit card information.

Microsoft's Chromium-based Edge was first released in January to Windows consumers and enterprises, and it was later released to macOS users. Edge is already available on Android and iOS, and now Linux users can finally get a taste of Microsoft's new browser.

The Windows 10 Calculator has been ported to Linux and can be installed from the Canonical Snap Store. In March 2019, Microsoft open-sourced the Windows 10 Calculator and invited other developers to contribute to its development.

If you've had files deleted by a hacker or you've accidentally removed them, Jack Wallen shows you how to recover that missing data with a handy tool called testdisk. Do you know where your deleted files are? If you're on a Linux server, those magically vanished files might be quite the elusive little gremlins.

These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by NPM yesterday. Although the malicious packages were spotted and removed by NPM, I was able to dig into Sonatype's automated malware detection system archives to obtain copies of their source code, as it had existed on NPM downloads.

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws - collectively called BleedingTooth - reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information. The most severe of these flaws is CVE-2020-12351, a heap-based type confusion that affects Linux kernel 4.8 and higher.

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under GNU General Public License, features the BlueZ kernel that has been part of the official Linux kernel since version 2.4.6.