Never-before-seen Linux malware gets installed using 1-day exploits
Discovery means that NerbianRAT is cross-platform used by for-profit threat group. Enlarge (credit: Getty Images) Researchers have unearthed Linux malware that circulated in the wild for at least two years before being i.....»»
Antivirus updates hijacked to drop dangerous malware
Malware discovered hiding in virus database updates by Avast researchers......»»
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target environm.....»»
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher.....»»
Linux can finally run your car’s safety systems and driver-assistance features
Increasingly, our cars will be controlled by a small number of powerful computers. Enlarge (credit: Getty Images) There's a new Linux distro on the scene today, and it's a bit specialized. Its development was led by the.....»»
Hackers infect users of antivirus service that delivered updates over HTTP
eScan AV updates were delivered over HTTP for five years. Enlarge (credit: Getty Images) Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service.....»»
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
Windows vulnerability reported by the NSA exploited to install Russian backdoor
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
A critical security flaw could affect thousands of WordPress sites
Forminator can be used to upload malware to the site, Japan's researchers say......»»
Fuxnet malware: Growing threat to industrial sensors
In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the vulnerability of sensor networks and the outsized impact these a.....»»
Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network firewalls f.....»»
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device tele.....»»
These are the PC apps you’re still using — but probably shouldn’t be
These apps are installed on millions, and sometimes even billions, of PCs, even if they shouldn't be......»»
Framework’s software and firmware have been a mess, but it’s working on them
New features, security updates, and Linux support are all on a long to-do list. Enlarge / The Framework Laptop 13. (credit: Andrew Cunningham) Since Framework showed off its first prototypes in February 2021, we've gener.....»»
The Ultimate Guide to Popular Linux Games in 2024 – Boosters.gg Insights
With the gaming world constantly evolving, Linux has emerged as a formidable platform for gamers seeking diversity and freedom in their gaming experience. This guide, brought to you with insights from Boosters.gg, dives deep into the thriving ecosyst.....»»
UI/UX Design Services: What These Are and Who Needs Them on Linux Platforms
Ever wondered why some apps, especially those developed on Linux, feel just right, while others don’t? It’s all about UI/UX design — when executed well, it makes navigating a website or app seamless. Whether you’re a startup or managing a lar.....»»
Apple @ Work: Do your Macs need malware protection at work?
Apple @ Work is brought to you by Kolide by 1Password, the device trust solution that ensures that if a device isn’t secure, it can’t access your apps. Close the Zero Trust access gap for Okta. Learn more or watch the demo. I was recently ch.....»»
New Latrodectus loader steps in for Qbot
New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same developers who created the IcedID loader. Malware delivery campaigns “[Latrodectus] was first obse.....»»
XZ Utils backdoor: Detection tools, scripts, rules
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a skil.....»»
Threat actors are raising the bar for cyber attacks
From sophisticated nation-state-sponsored intrusions to opportunistic malware campaigns, cyber attacks manifest in various forms, targeting vulnerabilities in networks, applications, and user behavior. The consequences of successful cyber attacks can.....»»
The 6 best car phone holders in 2024
If you want quick and easy access to your smartphone while driving, you should have one of the best car phone mounts installed for your safety and convenience......»»