-
New Linux Exploit ‘Dirty Cred’ Revealed at Black Hat
A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference. Zhenpeng Lin, a PhD student, and a team of researchers worked on an…
-
CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers
Continuous integration and development (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain, according to NCC researchers. The presentation at last week’s Black Hat security…
-
Cobalt Strike Inspires Next-generation Crimeware
Cobalt Strike is a legitimate vulnerability scanning and pentesting tool that has long been a favorite tool of hackers, and it’s even been adapted by hackers for Linux environments. And…
-
Hackers Find Alternatives to Microsoft Office Macros
Hackers have been exploiting macros in Microsoft Office products for years, but now their tactics are changing as Microsoft has begun blocking macros by default. The typical attack scenario involves…
-
New Linux Malware Surges, Surpassing Android
Linux malware is skyrocketing and now surpasses both macOS and Android, according to a new report, suggesting that cybercriminals are increasingly targeting the open source operating system. The Atlas VPN…
-
How to Secure DNS
The domain name system (DNS) is basically a directory of addresses for the internet. Your browser uses DNS to find the IP for a specific service. For example, when you…
-
Lilith: The Latest Threat in Ransomware
Discovered by malware hunter JAMESWT on Twitter, Lilith is ransomware designed to lock Windows machines. The malware exfiltrates data before encrypting the targeted devices to provide additional means of extortion.…
-
New Highly-Evasive Linux Malware Infects All Running Processes
Intezer Labs security researchers have identified a sophisticated new malware that targets Linux devices. Dubbed OrBit, the malware can gain persistence quickly, evade detection and hide its presence in network…
-
25 Most Dangerous Software Vulnerabilities & Flaws Identified by MITRE
MITRE has released its latest list of the top 25 most exploited vulnerabilities and exposures found in software. The MITRE CWE list is different from the product-specific CVE lists from…
-
Highly Sophisticated Malware Attacks Home and Small Office Routers
Security researchers have uncovered an unusually sophisticated malware that has been targeting small office/home office (SOHO) routers for nearly two years, taking advantage of the pandemic and rapid shift to…
