LinuxSecurity.com
Chinese Hackers Have Unleashed a Never-Before-Seen Linux Backdoor
Researchers have discovered a never-before-seen backdoor for Linux that's being used by a threat actor linked to the Chinese government.
Category: Hacking & Security
Mitigations for Critical c-ares DoS, Code Execution Bug Released
A critical buffer overflow vulnerability has been found in c-ares (the advisory lists versions 1_16_1 through 1_17_0) in the function ares_parse_soa_reply in ares_parse_soa_reply.c (CVE-2020-22217). Because the bug is simple to exploit and poses a significant threat to the confidentiality, integrity, and availability of affected systems, it has received a National Vulnerability Database base score of 9.8 out of 10 ("Critical" severity).
Category: Hacking & Security
Harden Ubuntu Server to Secure Your Container and Other Deployments
You'll be surprised at how easy it is to harden the Ubuntu Server and ensure your deployments' foundation is as secure as possible.
Category: Hacking & Security
Ubuntu 23.04 & 22.04.3 Installs Haven't Been Following Their Own Security Best Practices
It turns out that Ubuntu 23.04 and 22.04.3 LTS installations, as well as installs performed since April 2023 that accepted the installer's Snap update, have not been following Ubuntu's own recommended security best practices for the security pocket configuration of their package sources. A new Subiquity release was issued today to fix the problem; users of affected installs are advised to manually edit their /etc/apt/sources.list file.
Category: Hacking & Security
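A quick way to audit an existing install for the problem described above, as an added example that is neither Subiquity's code nor part of the original item: the script below scans an apt sources file and flags every "-security" pocket entry that is served from a mirror rather than directly from security.ubuntu.com. That host is an assumption about the recommended configuration (the item only says the pocket was misconfigured and that sources.list needs editing), so adjust it if your policy differs.

```shell
#!/bin/sh
# Added example, not code from the Ubuntu/Subiquity project or the article.
# It audits an apt sources file for "<suite>-security" pocket entries that
# point at a mirror instead of security.ubuntu.com. That host is the assumed
# recommended source for the security pocket; the article only states that
# the pocket was misconfigured and that sources.list must be edited by hand.

# check_security_pocket FILE
# Prints every deb/deb-src line whose suite ends in "-security" but whose
# URI host is not security.ubuntu.com. Returns 0 when no such line exists,
# 1 otherwise, so it can be used directly as a condition in scripts.
check_security_pocket() {
    file=$1
    bad=0
    set -f                      # no globbing while we word-split lines
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ''|\#*) continue ;; # skip blank lines and comments
        esac
        # drop an "[arch=amd64 signed-by=...]" option block, then split
        # into: deb|deb-src URI suite components...
        stripped=$(printf '%s\n' "$line" | sed 's/\[[^]]*\]//')
        set -- $stripped
        [ "$1" = "deb" ] || [ "$1" = "deb-src" ] || continue
        uri=$2
        suite=$3
        case $suite in
            *-security)
                host=${uri#*://}    # strip the scheme
                host=${host%%/*}    # keep only the host part
                if [ "$host" != "security.ubuntu.com" ]; then
                    echo "security pocket served by mirror: $line"
                    bad=1
                fi
                ;;
        esac
    done < "$file"
    set +f
    return "$bad"
}

# usage: check_security_pocket /etc/apt/sources.list
```

Run it as `check_security_pocket /etc/apt/sources.list`; a non-zero exit status means at least one security pocket line is being fetched through a mirror, which is the condition the Subiquity fix corrects. The parser is deliberately tolerant of comments and option blocks so it can be pointed at a real sources.list, but it only understands the one-line format, not the newer deb822 .sources files.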
APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers
APT36 is a highly sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and is strongly linked to Pakistan.
Category: Hacking & Security
Multiple Severe, Remotely Exploitable Chromium Vulns Fixed
Multiple severe, remotely exploitable security vulnerabilities have been found in Chromium, including out-of-bounds memory access in V8, CSS, and Fonts (CVE-2023-4427, CVE-2023-4428, and CVE-2023-4431) and use-after-free bugs in Loader and Vulkan (CVE-2023-4429 and CVE-2023-4430). Because of the serious threat these bugs pose to the confidentiality, integrity, and availability of affected systems, and their ease of exploitation, they have all received a National Vulnerability Database severity rating of "High".
Category: Hacking & Security
Critical Memory Safety Bug, Other Severe Vulns Fixed in Thunderbird
A critical memory safety bug has been discovered in Thunderbird 115.0 and Thunderbird 102.13 (CVE-2023-4056). Due to the severity of this vulnerability's threat to the confidentiality, integrity, and availability of affected systems, it has received a National Vulnerability Database base score of 9.8 out of 10. Other severe vulnerabilities have also been found in Thunderbird, including improper validation of the Unicode text direction override character in filenames (CVE-2023-3417) and copying of an untrusted input stream into a stack buffer without checking its size (CVE-2023-4050).
Category: Hacking & Security
Critical OpenDMARC DoS Bug Fixed
A critical vulnerability was found in OpenDMARC, the open-source implementation of the DMARC specification. OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 incorrectly handled certain inputs, resulting in remote memory corruption in some situations (CVE-2020-12460). This vulnerability has received a National Vulnerability Database base score of 9.8 out of 10 ("Critical" severity).
Category: Hacking & Security
Linux Malware! Read This If You Use Free Download Manager
We do not often talk about Linux malware because it is often quickly patched up and not exploited much in the wild compared to Windows/macOS. However, there has been a concern regarding the Free Download Manager (a decently popular cross-platform download manager).
Category: Hacking & Security
TCP Authentication Option "TCP-AO" Support Nears For The Linux Kernel
One of the new Linux networking features we've been looking forward to seeing in the kernel is TCP Authentication Option (TCP-AO / RFC5925) as a means of improving TCP security and authenticity. The eleventh iteration of the TCP-AO patches was posted today for the Linux kernel, and it looks as though work on this network addition could be wrapping up soon.
Category: Hacking & Security
RISC-V With Linux 6.6 Offers Better Kernel Security With KASLR
More RISC-V architecture updates were merged this weekend for the ongoing Linux 6.6 merge window.
Category: Hacking & Security
Expanded Platform Support For AMD Dynamic Boost Control Being Worked On For Linux
Since early this year AMD has been working on Linux enablement patches for Dynamic Boost Control (DBC). This is a new feature of some AMD SoCs that allows an "authenticated entity" greater control over certain SoC characteristics to improve power and performance. AMD DBC was merged for Linux 6.6 just days ago, and new patches have already been posted that extend the platforms supported by this Dynamic Boost Control functionality.
Category: Hacking & Security
The Great CentOS Linux Migration: How We Got Here and What's Next
The recent news regarding Red Hat's decision to limit access to the source code of their Red Hat Enterprise Linux (RHEL) distribution has garnered considerable attention. "It is wise to make sure security and IT compliance aspects are addressed. Perhaps more open source Linux distributions will appear in the near future and offer another alternative to CentOS Linux."
Category: Hacking & Security
What is LEMP Stack?
In the world of web development, terms like MEAN, MERN, LEMP, and PERN are frequently encountered. These terms refer to web stacks, which are bundles of software, frameworks, and libraries used for building full-stack web applications. One such popular web stack is LEMP. In this comprehensive guide, we will explore what the LEMP stack is, its components, how it works, and why it is popular in web development.
Category: Hacking & Security
Hackers Using BlueShell Malware to Attack Windows, Linux, and Mac Systems
Use of the BlueShell malware by various threat actors has spiked, targeting Windows, Linux, and other operating systems across Korea and Thailand.
Category: Hacking & Security
Critical PHP Info Disclosure, Code Execution Bugs Fixed
Two major security vulnerabilities were recently discovered in PHP: it incorrectly handled certain XML files (CVE-2023-3823) and certain PHAR files (CVE-2023-3824). Due to their ease of exploitation and the severe threat they pose to affected systems, the National Vulnerability Database has rated these vulnerabilities High and Critical, respectively.
Category: Hacking & Security
North Korean Malware Targets Windows, MacOS and Linux
Cybersecurity researchers at ReversingLabs claim that a recent malicious cyber campaign targeting MacOS, Linux, and Windows systems was carried out by the North Korean threat group Lazarus.
Category: Hacking & Security
What Is Kali Linux? Everything To Know About the Popular Linux Distro
One of the most-used Linux distros is Kali Linux, which is preferred by security professionals.
Category: Hacking & Security
SELinux In Linux 6.6 Removes References To Its Origins At The US NSA
Security Enhanced Linux (SELinux) has been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems. Those that haven't been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). But now with Linux 6.6 the NSA references are being removed.
Category: Hacking & Security
AMD Publishes SEV Firmware As Open-Source
While I have been eagerly following the AMD openSIL project for open-source CPU initialization that will eventually replace AGESA, today AMD announced a new open-source firmware drop: the SEV firmware has been made open-source.
Category: Hacking & Security