Security News

Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads. In a report today, cybersecurity company Trend Micro says that the new Linux variant for TargetCompany ransomware makes sure that it has administrative privileges before continuing the malicious routine.

It includes future package compatibility for 32-bit platforms, improvements to GNOME 46 and Xfce, and 18 new tools. Kali 2024.2 introduces GNOME 46, offering a refined experience that builds on the enhancements from previous versions.

Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug.As is typical for the year's first version, the Kali Team has released new visual elements, including wallpapers and updates to the boot menu and login display.

NethSecurity is a free, open-source Linux firewall that simplifies network security deployment. It integrates various security features into one platform, including firewalling, intrusion detection and prevention, antivirus, multi-WAN, DNS, and content filtering.

Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free. Kaspersky's new tool isn't a real-time threat protection tool but a standalone scanner that can detect malware, adware, legitimate programs abused for malicious purposes, and other known threats and offers to clean them.

The U.S. Cybersecurity & Infrastructure Security Agency has added two vulnerabilities in its Known Exploited Vulnerabilities catalog, including a Linux kernel privilege elevation flaw. In late March 2024, a security researcher using the alias 'Notselwyn' published a detailed write-up and proof-of-concept exploit on GitHub, showcasing how to achieve local privilege escalation by exploiting the flaw on Linux kernel versions between 5.14 and 6.6.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence...

The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea's Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear...

The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers. In early February 2024, researchers at the SW2 threat intelligence company reported about a campaign where Kimsuky used trojanized versions of various software solutions, e.g. TrustPKI and NX PRNMAN from SGA Solutions, Wizvera VeraPort, to infect South Korean targets with Troll Stealer and the Go-based Windows malware GoBear.

The North Korean hacker group Kimsuki has been using trojanized software packages to deliver a new Linux malware called Gomir in cyberespionage campaigns against targets in South Korea. In early February 2024, researchers at the SW2 threat intelligence company reported about a campaign where Kimsuky used trojanized versions of various software solutions, e.g. TrustPKI and NX PRNMAN from SGA Solutions, Wizvera VeraPort, to infect targets with the Troll Stealer variant of the Go-based Windows malware GoBear.