Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …
Ubuntu 22.04 LTS released, delivers enterprise-grade security
Canonical Ubuntu 22.04 LTS is now generally available, featuring significant leaps forward in cloud confidential computing, real-time kernel for industrial applications, and …
Attackers using default credentials to target businesses, Raspberry Pi and Linux top targets
Findings from a Bulletproof report highlight the issue posed by poor security hygiene as automated attacks remain a high security threat to businesses. The research gathered …
Easily exploitable Linux bug gives root access to attackers (CVE-2022-0847)
An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking …
How to empower IT Sec and Ops teams to anticipate and resolve IT problems
Every IT system administrator knows the misery of facing a problem for which the root cause requires hours (and sometimes days) to unearth, all the while part of the IT …
AlmaLinux OS 8.5 for PowerPC is now available
The AlmaLinux OS Foundation announced a new stable release with support for the PowerPC architecture and IBM Power Systems, inching closer to parity with Red Hat Enterprise …
How much can you trust your printer?
In this interview with Help Net Security, Scott Best, Director of anti-tamper security technology at Rambus, talks about what organizations should be aware of when it comes to …
How cybercriminals are using malware to target Linux-based operating systems
As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Current …
PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034)
A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by …
A new multi-platform backdoor is leveraged by an advanced threat actor
A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. “In the Linux and macOS versions, it masquerades as a …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
Researchers discover ransomware that encrypts virtual machines hosted on an ESXi hypervisor
Sophos has released details of a new ransomware written in Python that attackers used to compromise and encrypt virtual machines hosted on an ESXi hypervisor. The report …