12 matches found
Lightning Framework, modular Linux malware
Researchers at Intezer have published a technical analysis of Lightning Framework, a previously undocumented and undetected Linux threat. Lightning is a modular framework that is very versatile and something we don’t see very often in the Linux space. The old argument that Linux systems or Macs f...
New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one of the most intricate...
Stealthy Symbiote Linux malware is after financial institutions
Symbiote, a new "nearly impossible to detect" Linux malware, targeted financial sectors in Latin America—and the threat actors behind it might have links to Brazil. These findings were revealed in a recent report, a joint effort between the Blackberry Research Team and Dr. Joakim Kennedy, a...
Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services
Cybersecurity researchers on Monday discovered misconfigurations across older versions of Apache Airflow instances belonging to a number of high-profile companies across various sectors, resulting in the exposure of sensitive credentials for popular platforms and services such as Amazon Web...
ELFant in the Room – capa v3
Since our initial public release of capa, incident responders and reverse engineers have used the tool to automatically identify capabilities in Windows executables. With our newest code and ruleset updates, capa v3 also identifies capabilities in Executable and Linkable Format ELF files, such as...
Azure Functions Weakness Allows Privilege Escalation
A privilege-escalation vulnerability Microsoft’s Azure Functions cloud container feature could ultimately allow a user to escape the container, according to researchers. Intezer researchers dubbed the bug “Royal Flush” after a flush-to-disk limitation that an exploit would need to evade. Flushing...
New Docker Container Escape Bug Affects Microsoft Azure Functions
Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab's investigations into the Azure...
New Docker Container Escape Bug Affects Microsoft Azure Functions
Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab's investigations into the Azure...
Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies
An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonl...
Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples
Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace,...
Unusual Linux Ransomware Targets NAS Servers
A rare instance of ransomware targeting Linux-based file storage systems network-attached storage servers, specifically has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to...
IsraBye Anti-Israeli wiper malware locks data that can’t be restored
By Waqas Researchers of an Israeli cyber security firm Intezer have discovered a dangerous This is a post from HackRead.com Read the original post: IsraBye Anti-Israeli wiper malware locks data that cant be restored...