linux

Linux-версия многоплатформенного бэкдора под названием DinodasRAT была обнаружена в дикой природе, нацеленная на Китай, Тайвань, Турцию и Узбекистан, свидетельствуют новые данные Kaspersky. DinodasRAT, также известная как XDealer, представляет собой вредоносное ПО на базе C ++, которое...

A vulnerability (CVE-2024-1086) has been identified in Netfilter, a subsystem of the Linux kernel used to filter and modify network packets, which allows a local user to execute code at the kernel level and raise their privileges in the system. The problem is caused by double-free memory in the...

SentinelLabs experts have discovered a new destructive malware called AcidPour, which destroys data and targets IoT and network devices based on Linux x86. Researchers believe that AcidPour is a variant of another well — known viper-AcidRain. AcidRain is a malware designed to destroy data on...

В дикой природе обнаружен новый вариант вредоносной программы AcidRain, стирающей данные, которая специально разработана для устройств Linux x86. Вредоносная программа, получившая название AcidPour, скомпилирована для устройств Linux x86, сообщил Хуан Андрес Герреро-Сааде из SentinelOne в серии...

In the pursuit of leadership, the company is radically transforming its product line. iXsystems, a well-known provider of BSD-based operating systems, has made a strategic reorientation of its operations from FreeBSD to Linux. This decision is a landmark for the industry and may signal a change...

On March 10, 2024, Linus Torvalds, the creator and main developer of the Linux kernel, announced the release of a new stable version 6.8. The release was released according to the established schedule, two months after the previous stable version 6.7, released in early January 2024. The source...

The WogRAT backdoor exploits a popular online notepad to evade detection. In recent months, a new malware called WogRAT has been actively spreading through cyberspace, targeting users of the Windows and Linux operating systems. Researchers at AhnLab Security (ASEC) have discovered that WogRAT...

What can such a minimalistic distribution do in its latest iteration? The latest version of Tiny Core Linux v15. 0, released on February 22, proves that even in 2024, a full-fledged operating system with a graphical interface can take up much less space than Windows 95, released almost 30 years...

Researchers talk about new features of the old cyber threat. Researchers from Palo Alto Networks have discovered a new variant of the well - known remote access Trojan-BIFROSE (also known as Bifrost). The updated version is adapted for attacks on Linux systems. Its distinctive feature is the...

Исследователи кибербезопасности выявили две ошибки обхода аутентификации в программном обеспечении Wi-Fi с открытым исходным кодом, используемом на устройствах Android, Linux и ChromeOS, которые могут обманом заставить пользователей подключиться к вредоносному клону законной сети или позволить...

Обратный инжиниринг встроенного ПО, работающего на устройствах Ivanti Pulse Secure, выявил многочисленные недостатки, что еще раз подчеркивает сложность обеспечения безопасности цепочек поставок программного обеспечения. Eclypsiusm, которая приобрела версию прошивки 9.1.18.2-24467.1 в рамках...

Who can use such a lightweight distribution in 2024 and why? 19 years after the release of the original version and 12 years after the release of the latest release, the Linux distribution "Damn Small Linux "(DSL) is back. By the name, which can be literally translated as "damn small Linux", it...

The pre-installed utility undermines the security of millions of Ubuntu users. Researchers from Aqua Security discovered a critical vulnerability that allows attackers to break into Linux-based systems. We are talking about using the "command-not-found" utility built into the Ubuntu...

Разработчики shim выпустили версию 15.8 для устранения шести недостатков безопасности, включая критическую ошибку, которая может проложить путь к удаленному выполнению кода при определенных обстоятельствах. Отслеживаемая как CVE-2023-40547 (оценка CVSS: 9,8), уязвимость может быть использована...

Millions of devices are vulnerable, but there is still no working fix. Linux developers are actively working to fix a critical vulnerability that, under certain conditions, allows attackers to install malware at the motherboard firmware level. Such infections, also known as "bootkits", gain...

We have disclosed information about a vulnerability (CVE-2023-6200) in the Linux kernel network stack, which, under certain circumstances, allows an attacker from a local network to execute their code by sending a specially designed ICMPv6 packet with an RA (Router Advertisement) message...

Локальные злоумышленники могут получить полный root-доступ к машинам с Linux, воспользовавшись недавно обнаруженной уязвимостью безопасности в библиотеке GNU C (она же glibc). Уязвимость переполнения буфера на основе кучи, отслеживаемая как CVE-2023-6246, коренится в функции...

The controversy surrounding file metadata identifiers has resonated in the developer community. Linus Torvalds, the creator and main developer of the Linux kernel, is known for his harsh communication style and criticism of other project participants. This week, a new conflict broke out over...

How hackers mask malicious activity in network traffic and target their victims. Security researchers from Kroll have provided a detailed analysis of the C2 server operation of the well-known Sysembc malware. According to a report published last week, SystemBC has become much more actively used...

What do security researchers think about the new grouping malware? The Vietnamese hacker group OceanLotus, also known as APT32, has been attacking government, military, and corporate systems in China and other countries for about 10 years. Cybersecurity experts from CrackMe Security analyzed...