Please turn on your JavaScript for this page to function normally.
botnet
Ebury botnet compromises 400,000+ Linux servers

ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of …

MITRE
MITRE breach details reveal attackers’ successes and failures

MITRE has shared a timeline of the recent breach if fell victim to and has confirmed that it began earlier than previously thought: on December 31, 2023. On that day, the …

open source
New open-source project takeover attacks spotted, stymied

The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …

backdoor
XZ Utils backdoor: Detection tools, scripts, rules

As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? …

Linux updated
XZ Utils backdoor update: Which Linux distros are affected and what can you do?

UPDATE: April 9, 09:23 AM ET A new story has been published: XZ Utils backdoor: Detection tools, scripts, rules The news that XZ Utils, a compression utility present in most …

Linux alert
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)

UPDATE: April 9, 09:23 AM ET Two stories have been published since this initial release: Which Linux distros are affected and what can you do? XZ Utils backdoor: Detection …

malware
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware

A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among …

Ivanti
Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and …

laptop
Blackwood APT delivers malware by hijacking legitimate software update requests

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage …

Ivanti
Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)

Two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers …

Cisco
“Disappearing” implants, followed by first fixes for exploited Cisco IOS XE zero-day

Cisco has released the first fixes for the IOS XE zero-day (CVE-2023-20198) exploited by attackers to ultimately deliver a malicious implant. The fixes were made available on …

servers
Quantum risk is real now: How to navigate the evolving data harvesting threat

In an era where data security is paramount, the recent revelations about firmware backdoors implanted by Chinese government-backed hackers serve as a stark reminder of the …

Don't miss

Cybersecurity news