A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically … [Read more...] about Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
Linux
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems. Infection chains leverage a chat application called MiMi, with its installer files compromised to download and install HyperBro … [Read more...] about Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented … [Read more...] about New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. "The framework has both passive … [Read more...] about New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems — The Hacker News
Kaspersky security researchers have disclosed details of a brand-new ransomware family written in Rust, making it the third strain after BlackCat and Hive to use the programming language. Luna, as it's called, is "fairly simple" and can run on Windows, Linux, and ESXi systems, with the malware banking on a combination of Curve25519 and AES for encryption. "Both the Linux and … [Read more...] about New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems — The Hacker News
New ‘FabricScape’ Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime access. It … [Read more...] about New ‘FabricScape’ Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to maximize spreadability and execute malware modules" and "harvests SSH keys to perform lateral movement." The … [Read more...] about A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
A Stealthy Linux Malware Targeting Latin American Financial Sector
Cybersecurity researchers have taken the wraps off what they call a "nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems. Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources … [Read more...] about A Stealthy Linux Malware Targeting Latin American Financial Sector
New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360's Netlab security team called it B1txor20 "based on its propagation using the file name 'b1t,' the XOR encryption algorithm, and the RC4 algorithm key length of 20 … [Read more...] about New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host. The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical … [Read more...] about New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container