SecureTeam

Latest Snapekit Rootkit Poses Threat to Arch Linux Users

A newly discovered rootkit known as “Snapekit” has emerged, posing a significant risk to users of Arch Linux systems, particularly those running the 6.10.2-arch1-1 kernel. According to reports from multiple cybersecurity researchers, Snapekit is a highly sophisticated rootkit that exploits 21 system calls, enabling it to operate stealthily while avoiding detection. Its ability to remain […]

Latest Snapekit Rootkit Poses Threat to Arch Linux Users Read More »

OpenSSH Cryptomining Attacks on Linux and IoTs

Information Assurance, News / Ian Reynolds

Internet-facing Linux-based systems and Internet of Things (IoT) devices are being targeted in a recent attack that uses a patched version of OpenSSH to take over the devices and install cryptomining malware. Cryptomining involves the solving of complex mathematical problems to verify the payments carried out in cryptocurrency transactions, and creating new cryptocurrency tokens

OpenSSH Cryptomining Attacks on Linux and IoTs Read More »

Linux Kernel Vulnerability Allows Elevation to Root

News, Vulnerabilities / Ian Reynolds

A vulnerability has been identified in NetFilter, a packet filtering and NAT (Network Address Translation) framework within the Linux kernel. This vulnerability can allow local users to escalate privileges to gain root level access, resulting in complete control over the vulnerable system. Multiple Linux kernel releases are affected by this flaw, including the most recent

Linux Kernel Vulnerability Allows Elevation to Root Read More »

Citrix Privilege and Access Control Vulnerabilities

News, Vulnerabilities / Ian Reynolds

Security vulnerabilities have been identified in Citrix Virtual Apps and Desktops, and Citrix Workspace app for Windows and Linux. A total of 4 vulnerabilities have been addressed in the latest updates for these Citrix products which if exploited would allow attackers to perform elevation of privileges and take control of the system. These flaws have

Citrix Privilege and Access Control Vulnerabilities Read More »

New Backdoor Linux Malware ‘Lightning Framework’

News, Vulnerabilities / Ian Reynolds

A new, previously undetected, Linux malware known as ‘Lightning Framework’ can be used as a backdoor to install rootkits in infected devices via Secure Shell (SSH). A report released by Intezer this week calls this malware “Swiss Army Knife-like” due to its wide range of capabilities, and ability to use techniques to avoid detection and

New Backdoor Linux Malware ‘Lightning Framework’ Read More »

Microsoft Patches Linux Cluster Bug

News, Vulnerabilities / Ian Reynolds

The Microsoft Security Response Centre released a blog post this week about a Service Fabric (SF) Linux Cluster vulnerability. This bug has been identified on both Linux and Windows operating systems, however Microsoft claims only Linux is vulnerable to attack. This vulnerability was published as CVE-2022-30137 by Microsoft earlier this month. Azure Service Fabric is a distributed systems

Microsoft Patches Linux Cluster Bug Read More »

New Hard to Detect Linux Threat Discovered

News, Vulnerabilities / Ian Reynolds

A new Linux backdoor threat has been discovered, using malware known as ‘Symbiote’. This name has come from its ability to hide itself well, whilst stealing data and credentials from the ‘host’ victim. A threat report released last week by Intezer and The BlackBerry Threat Research & Intelligence Team details how this malware works, and why it’s

New Hard to Detect Linux Threat Discovered Read More »

Nimbuspwn vulnerability hits Linux

News, Vulnerabilities / Ian Reynolds

Researchers at Microsoft have documented a family of vulnerabilities that affect Linux systems, dubbed Nimbuspwn. These vulnerabilities can be chained together in order to gain root privileges on Linux systems allowing attackers to install malware and access all data on the server. The vulnerabilities in the networkd-dispatcher are tracked as CVE-2022-29799 and CVE-2022-29800. Networkd-dispatcher runs as root and

Nimbuspwn vulnerability hits Linux Read More »

Samba RCE vulnerability

News, Vulnerabilities / Ian Reynolds

A serious remote code execution vulnerability has been discovered in the Samba file sharing software. This bug allows an unauthenticated attacker to execute arbitrary code as root on an affected server. With a CVSS score of 9.9, this vulnerability affects Samba’s default configurations. Samba is a popular freeware utility that supports the SMB (Server Message

Samba RCE vulnerability Read More »

PwnKit Vulnerability affects every major Linux distro

News, Vulnerabilities / Ian Reynolds

A 12 year old bug has been discovered in the Linux pkexec utility which allows any unprivileged user to gain full root privileges on a vulnerable host. The new report from security researchers at Qualys explains how the vulnerability can be exploited. In summary the vulnerability, dubbed PwnKit, allows any unprivileged user to gain full

PwnKit Vulnerability affects every major Linux distro Read More »

Linux

Latest Snapekit Rootkit Poses Threat to Arch Linux Users

OpenSSH Cryptomining Attacks on Linux and IoTs

Linux Kernel Vulnerability Allows Elevation to Root

Citrix Privilege and Access Control Vulnerabilities

New Backdoor Linux Malware ‘Lightning Framework’

Microsoft Patches Linux Cluster Bug

New Hard to Detect Linux Threat Discovered

Nimbuspwn vulnerability hits Linux

Samba RCE vulnerability

PwnKit Vulnerability affects every major Linux distro

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch