03 Dec, 2024

Ubuntu Linux impacted by decade-old ‘needrestart’ flaw that gives root

Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04. The flaws were discovered by Qualys and are tracked as CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003. They were introduced in needrestart version 0.8, released in April 2014, and fixed only […]

3 mins read

Windows infected with backdoored Linux VMs in new phishing attacks

A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. Using virtual machines to conduct attacks is nothing new, with ransomware gangs and cryptominers using them to stealthily perform malicious activity. However, threat actors commonly install these manually after they breach a network. A […]

3 mins read

Custom “Pygmy Goat” malware used in Sophos Firewall hack on govt network

UK’s National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named “Pigmy Goat” created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. Last week, Sophos published a series of reports dubbed “Pacific Rim” that detailed five-year attacks by Chinese threat actors on edge networking devices. One […]

3 mins read

New FASTCash malware Linux variant helps steal money from ATMs

North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform unauthorized cash withdrawals. Previous variants of FASTCash targeted Windows and IBM AIX (Unix) systems, but a new report by security researcher HaxRob reveals a previously undetected Linux version that targets Ubuntu […]

2 mins read

Linux malware “perfctl” behind years-long cryptomining campaign

A Linux malware named “perfctl” has been targeting Linux servers and workstations for at least three years, remaining largely undetected through high levels of evasion and the use of rootkits. According to Aqua Nautilus researchers who discovered perfctl, the malware likely targeted millions of Linux servers in recent years and possibly caused infections in several […]

5 mins read

CUPS flaws enable Linux remote code execution, but there’s a catch

Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines. Tracked as CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters) and discovered by Simone Margaritelli, these security flaws don’t affect systems in their default configuration. CUPS (short for […]

4 mins read

New Linux malware Hadooken targets Oracle WebLogic servers

Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named “Hadooken,” which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. The access obtained may also be used to execute ransomware attacks on Windows systems. Researchers at container security solution company Aqua Security observed such an attack on a […]

3 mins read

Happy 33rd Birthday, Linux!

Today is August 25th, which means that Linux turns 33 years old. Grab a glass of your favorite beverage and join me in celebrating the 33rd birthday of Linux! On August 25th, 1991, the 21-year-old Finnish student Linus Benedict Torvalds made his now-famous announcement on the comp.os.minix newsgroup that he’s working on a free operating system for 386(486) […]

2 mins read

GNOME 47 Beta Desktop Released with Many Changes, Here’s What’s New

After a long wait, the GNOME Project released today the beta version of the upcoming GNOME 47 desktop environment series, due out on September 18th, 2024. There’s been a lot of changes added since the alpha version of the GNOME 47 desktop series, and the beta release is packed with lots of goodies, including support for hardware […]

4 mins read

Microsoft shares temp fix for Linux boot issues on dual-boot systems

Microsoft has provided a workaround to temporarily fix a known issue that is blocking Linux from booting on dual-boot systems with Secure Boot enabled. The company says this temporary fix can help Linux users revive unbootable systems displaying “Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation” errors after installing the August 2024 […]

2 mins read