linux

A method of bypassing protection through ordinary scripts has been revealed. Researchers have discovered a new way to bypass the noexec flag in Linux, allowing arbitrary binaries to be executed even on partitions where execution is prohibited. This is possible with Perl, Bash and PHP scripts...

The errors of the AI assistant led to serious problems. The CEO of the non-profit organization Redwood Research, Buck Schlegeris, faced an unexpected problem when using the AI assistant he created based on the Claude model from Anthropic. This tool was designed to execute bash commands on...

A hidden threat lurks in the bowels of your operating system. Recently, researchers from Aqua Security discovered a campaign to attack vulnerable Linux servers with a hidden piece of malware called perfctl. The main goal of this program is to use the resources of compromised servers for...

A fix for a vulnerability in the libnv library, released in early September, identified a logical error that prevented the vulnerability from being properly addressed and the system remained vulnerable to attack. The libnv library is developed by the FreeBSD project and is used in the kernel and...

Kryptina's source code is used for new attacks on Linux. SentinelLabs has discovered that a group associated with the Mallox (TargetCompany) campaign is using a new modified version of the Kryptina ransomware to attack Linux systems. Mallox, which was previously focused only on Windows, has...

Researchers have uncovered a new infiltration method aimed at developers. Researchers at Unit 42 have discovered a new malware campaign orchestrated by the North Korean group Gleaming Pisces that targets Linux and macOS systems using malicious Python packages. The attackers distribute infected...

SSH connection is a checkpoint for the entry of uninvited guests. Researchers from ASEC have identified new attacks targeting poorly protected Linux SSH servers. In them, the hackers used the Supershell malware, written in the Go language. This backdoor provides attackers with remote control...

Cybersecurity researchers at Aqua have uncovered a new malware campaign dubbed Hadooken. The malware is distributed through Oracle Weblogic servers and is engaged in cryptocurrency mining, as well as the delivery of malware for a DDoS botnet. The attack chain exploits both known vulnerabilities...

A poorly studied malware leaves no chance for specialists to study. Trend Micro specialists have discovered a new multi-platform backdoor KTLVdoor from the Chinese group Earth Lusca. KTLVdoor is developed in Golang and has versions for Windows and Linux. The previously unknown malware is...

И так, приступим. Шифрование дисков в Linux обычно реализуется с помощью системы Linux Unified Key Setup (LUKS). LUKS - это широко используемый стандарт шифрования дисков, который обеспечивает гибкий и безопасный способ шифрования дисковых разделов. LUKS работает на уровне блоков, что означает...

The detection of the malware opens a new round of virus evolution. Aon has discovered a new virus for Linux called sedexp, which has gone undetected since 2022 thanks to a unique stealth method. Malware allows attackers to remotely control infected devices and carry out attacks. Sedexp is...

Due to Microsoft's mistake, Linux users lost access to devices. Last week, many Linux users faced a serious problem: their devices stopped booting after an update released by Microsoft as part of Patch Tuesday. Instead of the system starting normally, an error message was displayed. The reason...

The mysterious RDGA algorithm creates an army of malicious domains. Trend Micro discovered a new version of the Play ransomware (Balloonfly, PlayCrypt), which is now targeting VMware ESXi. The new Linux version indicates an expansion of the group's attacks, which increases the number of...

Среди рядовых пользователей и даже ИТ-специалистов распространено мнение о повышенной безопасности операционных систем на базе Linux по сравнению с «дырявым Windows» и «популярной macOS». Однако, как показало наше исследование, открытость исходного кода не освобождает Linux от ошибок и...

Is it really only a change in the hardware design that will help solve the problem? Researchers from Samsung, Seoul National University, and the Georgia Institute of Technology have unveiled a new "TIKTAG" attack targeting the Memory Tagging Extension (MTE) technology in the ARM architecture...

Ранее недокументированное кроссплатформенное вредоносное ПО под кодовым названием Noodle RAT уже много лет используется китайскоязычными злоумышленниками либо для шпионажа, либо для киберпреступлений. Хотя этот бэкдор ранее классифицировался как вариант Gh0st RAT и Rekoobe, исследователь...

For years, the malware has been mistaken for variations of other programs, but is this spyware really that simple? Security researchers from Trend Micro recently identified a new type of malware called "Noodle RAT" that Chinese-speaking hacker groups are actively using to attack Windows and...

Агентство кибербезопасности и инфраструктуры безопасности США (CISA) в четверг добавило ошибку безопасности, влияющую на ядро Linux, в каталог известных эксплуатируемых уязвимостей (KEV), ссылаясь на свидетельства активного использования. Отслеживаемая как CVE-2024-1086 (оценка CVSS: 7,8)...

CISA adds a new bug to its catalog, which gives the hacker complete freedom of action. The CISA added a Linux kernel vulnerability to the catalog of known Exploited vulnerabilities ( KEV ), citing evidence of active exploitation. CVE-2024-1086 (CVSS score 3.1: 7.8) is related to a...

Hackers have attacked at least 48 organizations by 2024. In November 2023, experts from the Positive Technologies Cybersecurity Expert Center (PT Expert Security Center) published their first study on attacks by the previously unknown hacker group Hellhounds on Russian companies. The study...