1202 matches found
Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw
By Deeba Ahmed Patches for all affected versions of Apache ActiveMQ have been released, and clients are strongly advised to upgrade their systems. This is a post from HackRead.com Read the original post: Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw...
CVE-2023-26031 Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote authenticated users, this MAY permit remote users to gain root privileges. Hadoop 3.3.0 updated the "...
Attacks, Vulnerabilities and Actors 23 October to 29 October 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...
DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are als...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...
Reptile Rootkit Targets Linux Systems in South Korea
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Reptile, an open-source Linux rootkit, goes beyond concealment, offering attackers a reverse shell and utilizing Port Knocking for control; observed in attacks including Chinese groups exploiting...
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded...
PT-2023-21675 · Ubiquiti · Unifi
Name of the Vulnerable Software and Affected Versions: UniFi versions 7.3.83 and earlier Description: A backup file vulnerability found in UniFi applications running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored...
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...
Warning: Fake GitHub Repos Delivering Malware as PoCs
By Waqas According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems. This is a post from HackRead.com Read the original post: Warning: Fake GitHub Repos Delivering Malware as PoCs...
NuGet Client Remote Code Execution Vulnerability
Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET and NuGet on Linux. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 6.0, .NET 7.0...
CVE-2023-0636 Remote Code Execution via Command Injection
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...
CVE-2023-0635 Privilege escalation to root
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...
Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool,...
The vulnerability of the ksmbd module in Linux operating systems allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the ksmbd module in Linux operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures using the SMB2QUERYINFO and SMB2LOGOFF command...
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
Multiple threat actors have capitalized on the leak of Babuk aka Babak or Babyk ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend o...