LINUX

Pierluigi Paganini November 26, 2018
Linux Kernel is affected by two DoS vulnerabilities still unpatched

Linux Kernel is affected by two denial-of-service (DoS) flaws, both vulnerabilities are NULL pointer deference issues Linux Kernel is affected by two denial-of-service (DoS) vulnerabilities, the issues impact Linux kernel 4.19.2 and previous versions. Both flaws are rated as Medium severity and are NULL pointer deference issues that can be exploited by a local attacker to trigger a DoS condition. […]

Pierluigi Paganini November 26, 2018
Experts found a new powerful modular Linux cryptominer

Security experts from Russian antivirus firm Dr.Web have discovered a new strain of Linux cryptominer tracked as Linux.BtcMine.174. The Linux cryptominer has a multicomponent structure that implements a broad range of features in over 1,000 lines of code. When the Monero Linux cryptominer is first executed it checks whether the server, from which the Trojan will subsequently […]

Pierluigi Paganini November 22, 2018
Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw

Security experts from Netscout Asert discovered more than ten Mirai bot variants attempting to exploit a recently disclosed flaw in Hadoop YARN on Intel servers. These Mirai variants are the first one that doesn’t target Internet of Things devices, the bot was specifically developed to target Linux servers. The Hadoop YARN is vulnerability is a command injection […]

Pierluigi Paganini November 11, 2018
Linux Cryptocurrency miner leverages rootkit to avoid detection

Researchers from Trend Micro spotted a new cryptocurrency miner that leverages a rootkit component to hide its presence on the infected systems. Cryptocurrency malware continues to be a privileged choice for crooks and the number of victims is rapidly growing. Cryptocurrency miners are easy to detect due to the saturation of resources on the affected […]

Pierluigi Paganini November 06, 2018
Shellbot Botnet Targets IoT devices and Linux servers

Security experts at Trend Micro have spotted an IRC bot dubbed Shellbot that was built using Perl Shellbot. The malware was distributed by a threat group called Outlaw, it was able to target Linux and Android devices, and also Windows systems. “We uncovered an operation of a hacking group, which we’re naming “Outlaw” (translation derived from the Romanian word haiduc, […]

Pierluigi Paganini October 29, 2018
Systemd flaw could cause the crash or hijack of vulnerable Linux machines

Systemd is affected by a security vulnerability that can be exploited to crash a vulnerable Linux machine, and in the worst case to execute malicious code. An attacker can trigger the vulnerability using maliciously crafted DHCPv6 packets and modifying portions of memory of the vulnerable systems, potentially causing remote code execution. The flaw, tracked as CVE-2018-15688, […]

Pierluigi Paganini October 26, 2018
CVE-2018-14665 privilege escalation flaw affects popular Linux distros

Security researcher discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions. The Indian security researcher Narendra Shinde has discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions, including OpenBSD, Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X project provides an open source implementation of the X Window […]

Pierluigi Paganini September 28, 2018
CVE-2018-17182 -Google Project Zero reports a new Linux Kernel flaw

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-17182. The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn. The vulnerability was introduced in August 2014 with the release of version 3.16 of the Linux kernel. The issue could be exploited […]

Pierluigi Paganini September 27, 2018
Mutagen Astronomy Linux Kernel vulnerability affects Red Hat, CentOS, and Debian distros

A new integer overflow vulnerability found in Linux Kernel. Dubbed Mutagen Astronomy, it affects Red Hat, CentOS, and Debian Distributions. Security researchers have discovered a new integer overflow vulnerability in Linux Kernel, dubbed Mutagen Astronomy, that affects Red Hat, CentOS, and Debian Distributions. The vulnerability could be exploited by an unprivileged user to gain superuser access to the targeted system. The flaw was […]

Pierluigi Paganini September 20, 2018
Sustes Malware: CPU for Monero

Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with special focus on IoT and Linux servers. Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see name genesis in a bit). Everybody knows Monero cryptocurrency and probably everybody knows […]