Linux Archives - Securezoo

Clop: New Linux ransomware variant threat

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / February 7, 2023 February 7, 2023 / Cl0p, Clop, Linux, Ransomware

Researchers from SentinelLabs have spotted the first Linux variant of Cl0p (aka “Clop”) ransomware, targeting Linux systems on December 26, 2022.

Linux Kernel ksmbd Use-After-Free RCE Vulnerability

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / December 28, 2022 December 28, 2022 / kernel, Linux, RCE, SMB3, ZDI

Security researchers have discovered a Critical remote code execution (RCE) vulnerability in Linux 5.15 Kernel Server Message Block (SMB) server, ksmbd.

Report: Linux malware and cloud misconfigurations top cybersecurity threats

Cloud Security, Container Security, Cybersecurity Attacks, Malware / By Frank Crast / September 5, 2022 September 5, 2022 / BlackCat, Cheerscrypt, Cloud, Containers, Conti, ESXi, Linux, LockBit, LockBit 2.0, MaaS, malware, RaaS, Ransomware, Trend Micro

A new report published by Trend Micro revealed that Linux malware and cloud misconfigurations make up some of the top cybersecurity threats facing organizations over the first half of 2022.

OrBit: New evasive and persistent Linux malware

Malware, Vulnerabilities & Exploits / By Frank Crast / July 9, 2022 July 9, 2022 / Cybersecurity Threat Center, Linux, malware, OrBit, payload

Researchers from Intezer have discovered a new evasive and persistent Linux malware dubbed OrBit.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / June 30, 2022 June 30, 2022 / Chromium, CISA, CVE-2018-4344, CVE-2019-8605, CVE-2020-3837, CVE-2020-9907, CVE-2021-30983, Linux, pkexec, polkit, PwnKit

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

Symbiote: Linux malware ‘nearly impossible to detect’ threat

Cybersecurity Attacks, Malware / By Frank Crast / June 11, 2022 June 11, 2022 / Blackberry, BPF, Cyberattack, Cybersecurity Threat Center, Linux, malware, Symbiote

Researchers have discovered a new Linux malware dubbed Symbiote, a ‘nearly impossible to detect’ threat.

XorDdos: DDoS malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / May 21, 2022 May 21, 2022 / DDoS, Linux, malware, XORDDoS

Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.

security, professional, secret-5199239.jpg

Microsoft discovers Nimbuspwn Linux vulnerabilities

Vulnerabilities & Exploits / By Frank Crast / April 26, 2022 April 26, 2022 / CVE-2022-29799, CVE-2022-29800, kernel, Linux, Microsoft, Nimbuspwn

Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.

Dirty Pipe privilege escalation vulnerability found in Linux kernel

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 11, 2022 March 13, 2022 / CVE-2022-0847, Dirty COW, Dirty Pipe, Linux

A High severity privilege escalation vulnerability CVE-2022-0847 dubbed “Dirty Pipe” was found in Linux kernel. The issue was fixed in Linux kernel versions 5.16.11, 5.15.25 and 5.10.102.

Linux Cgroup vulnerability can cause container escape

Vulnerabilities & Exploits / By Frank Crast / March 5, 2022 March 13, 2022 / Cgroup, CVE-2022-0492, Linux, SELinux

A new Linux privileged escalation vulnerability in Cgroups feature could cause container escape on unhardened hosts. This is the third in a line of similar Kernel vulnerabilities that could allow containers to escape.