linux

A new malware written in Golang programming language, tracked as Capoae, is targeting WordPress installs and Linux systems. Akamai researchers spotted a new strain of malware written in Golang programming language, dubbed Capoae, that was involved in attacks aimed at WordPress installs and Linux systems.  The malware spread through attacks exploiting known vulnerabilities (i.e. CVE-2020-14882 […]

The post New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems appeared first on Security Affairs.

Read More New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems

Security researchers spotted a new malware that uses Windows Subsystem for Linux (WSL) to evade detection in attacks against Windows machines. Security researchers from Lumen’s Black Lotus Labs have discovered several malicious Linux binaries developed to target the Windows Subsystem for Linux (WSL). Windows Subsystem for Linux (WSL) is a compatibility layer for running Linux […]

The post A new Win malware uses Windows Subsystem for Linux (WSL) to evade detection appeared first on Security Affairs.

Read More A new Win malware uses Windows Subsystem for Linux (WSL) to evade detection

OMIGOD – Microsoft addressed four vulnerabilities in the Open Management Infrastructure (OMI) software agent that could expose Azure users to attacks. Recently released September 2021 Patch Tuesday security updates have addressed four severe vulnerabilities, collectively tracked as OMIGOD, in the Open Management Infrastructure (OMI) software agent that exposes Azure users to attack. Below is the list of the […]

The post OMIGOD vulnerabilities expose thousands of Azure users to hack appeared first on Security Affairs.

Read More OMIGOD vulnerabilities expose thousands of Azure users to hack

Researchers discovered Linux and Windows implementations of the Cobalt Strike Beacon developed by attackers that were actively used in attacks in the wild. Threat actors re-implemented from scratch unofficial Linux and Windows versions of the Cobalt Strike Beacon and are actively using them in attacks aimed at organizations worldwide.Cobalt Strike is a legitimate penetration testing tool designed as an attack […]

The post Vermilion Strike, a Linux implementation of Cobalt Strike Beacon used in attacks appeared first on Security Affairs.

Read More Vermilion Strike, a Linux implementation of Cobalt Strike Beacon used in attacks

An information disclosure issue in Linux Kernel allows KASLR bypass could be potentially exploited in attacks in the wild. An information disclosure flaw in the Linux kernel, tracked as CVE-2020-28588, could allow attackers to bypass the Kernel Address Space Layout Randomization bypass (KASLR). The Kernel Address space layout randomization (KASLR) is a computer security technique designed to prevent […]

The post An issue in the Linux Kernel could allow the hack of your system appeared first on Security Affairs.

Read More An issue in the Linux Kernel could allow the hack of your system

Experts recently uncovered a Linux backdoor, dubbed RotaJakiro, that has flown under the radar for many years while harvest and exfiltrate sensitive information from the victims.  RotaJakiro is a Linux backdoor recently discovered by researchers at Qihoo 360’s Network Security Research Lab (360 Netlab). The malware remained undetected for years while threat actors were employing […]

The post RotaJakiro Linux backdoor has flown under the radar since 2018 appeared first on Security Affairs.

Read More RotaJakiro Linux backdoor has flown under the radar since 2018

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security.

Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very old versions of Linux. Most devices are still powered with a 2.6 Linux kernel, which is no longer maintained for many years. This leads to a high number of critical and high severity CVEs affecting these devices.

Since Linux is the most used OS, exploit mitigation techniques could be enabled very easily. Anyhow, they are used quite rarely by most vendors except the NX feature…

Read More Router Security