Aqua Security

JULY 19, 2023

eBPF is a popular and powerful technology embedded in the Linux kernel. Lately, we have seen a rise in the number of eBPF based tools used for malicious goals such as rootkits ( ebpfkit, TripleCross ) and malwares ( pamspy ). It is widely used by many security tools for monitoring kernel activity to detect and protect organizations.

Malware 96

Malware Linux Tools Organization 96

Linux Academy

APRIL 30, 2019

By adding free cloud training to our Community Membership, students have the opportunity to develop their Linux and Cloud skills further. Each month, we will kick off our community content with a live study group allowing members of the Linux Academy community to come together and share their insights in order to learn from one another.

Linux 113

Linux AWS Big Data Course 113

The Parallax

JANUARY 22, 2018

Its success was predicated not on “zero-day” vulnerabilities or new forms of malicious software, but rather on older, known malware delivered via an all-too-familiar method: phishing. The malware included hacked versions of end-to-end encrypted communication apps Signal and WhatsApp.

Malware 170

Malware Spyware Mobile Government 170

Palo Alto Networks

JUNE 7, 2021

The Unit 42 cybersecurity consulting group published research on the first known malware targeting Windows containers, which was discovered by Unit 42 researcher Daniel Prizmant and named Siloscape. The post Unit 42 Discovers First Known Malware Targeting Windows Containers appeared first on Palo Alto Networks Blog.

Malware 98

Malware Windows Software Review Open Source 98

Lacework

JUNE 27, 2020

Whether you’re an engineer or a system administrator, you’ve probably found bash to be a go-to resource for automating your Linux tasks. Bash is so useful that it has become popular among malware authors as well. This is because it can easily perform many tasks that are necessary for malware installation and system persistence.

Malware 144

Malware Systems Administration Linux Resources 144

Lacework

JULY 15, 2022

This ancient technique has found its place in the world of malware, namely hiding malicious code within other files including image formatted files ( T1027.003 ). General indicators and signatures for steg malware are provided in the hunting section. Steg malware is uncommon relative to other malware. Malware Details.

Malware 96

Malware Network Storage Groups 96

Prisma Clud

JUNE 22, 2023

Using WildFire in 2021 to analyze malicious files, our threat research team discovered a 73% increase in Cobalt Strike malware samples compared to 2020. The speed, volume and sophistication of modern malware attacks has made them more difficult to detect.

Malware 76

Malware Linux Windows Operating System 76

Tenable

MARCH 14, 2025

Meanwhile, Tenable did a deep dive on DeepSeeks malware-creation capabilities. The short answer: The DeepSeek R1 large language model (LLM) can provide a useful starting point for developing malware, but it requires additional prompting and debugging. CIS SUSE Linux Enterprise 15 Benchmark v2.0.1 Benchmark v1.1.0

Infrastructure 70

Infrastructure Artificial Inteligence Open Source Malware 70

Aqua Security

SEPTEMBER 9, 2022

This blog was co-authored by Itamar Maouda Two years ago, the NSA (the United States' National Security Agency) revealed that Drovorub, an advanced Russian malware created by the GRU 85th GTsSS team, had been discovered targeting Linux systems. It has an advanced kernel rootkit that hooks several kernel functions.

Linux 139

Linux Malware Open Source Operating System 139

O'Reilly Media - Ideas

MARCH 4, 2025

Like Linux, Ruby on Rails can run in the browser. Linux booting inside a PDF in Chrome. PDF implementations support JavaScript; C can be compiled into a subset of JavaScript (asm.js), which means that a RISC-V emulator can be compiled to JavaScript and run in a PDF in the browser, which then runs Linux. An amazing hack.

Artificial Inteligence 62

Artificial Inteligence Trends Open Source Linux 62

Ooda Loop

MARCH 6, 2024

Cado Security has issued a warning about a cryptojacking campaign leveraging Linux malware, which targets misconfigured Apache Hadoop, Confluence, Docker, and Redis instances with innovative malicious payloads.

Malware 53

Malware Linux Cloud Innovation 53

Tenable

MAY 1, 2024

Tenable Cloud Security is enhancing its capabilities with malware detection. Even though cloud adoption has become mainstream, many threats and attack tactics still rely on malware payloads. Tenable Cloud Security can now find malware in many different cloud workloads. The addition of malware detection enhances this approach.

Malware 73

Malware Cloud Linux Analysis 73

Ooda Loop

FEBRUARY 18, 2025

Elastic Security Labs has discovered a new post-exploitation malware kit which targets both Windows and Linux systems. The malware has been used in attacks on a South American nations foreign ministry. […] The post New FinalDraft Malware Spotted in Espionage Campaign appeared first on OODAloop.

Malware 59

Malware Linux Windows System 59

O'Reilly Media - Ideas

FEBRUARY 4, 2025

Stratoshark is a new tool for analyzing system calls on Linux. Heres one that runs on Linux and macOS. Security Cybercriminals are distributing malware through Roblox mods. Discord, Reddit, GitHub, and other communications channels are used to attract users to malware-containing packages. Youll need a compiler.

Artificial Inteligence 75

Artificial Inteligence Trends Software Review Open Source 75

Perficient

JANUARY 31, 2023

A common operating system (OS) on personal computers, servers, and other gadgets is Linux. The fact that Linux is very customizable is one of its key advantages. Linux is also renowned for its security and dependability. Customizability Because Linux is so flexible, users can change the OS to their preferences.

Linux 64

Linux Software Review Open Source Malware 64

Tenable

JULY 25, 2019

Scanner for “BlueKeep” vulnerability and newly minted exploits for Exim and Jira incorporated into cryptocurrency mining malware. On July 24, researchers at Intezer published a blog about a new variant of the WatchBog malware. Linux Malicious File Detection: User Defined Malware. YARA File Scan (Linux).

Malware 14

Malware Linux Data Center Software Review 14

O'Reilly Media - Ideas

APRIL 1, 2025

Given last months demonstration of Linux booting in a PDF in a browser, we can say that amazing, useless, and fun hacking is thriving. Cybercriminals are using online file conversion tools to steal information and infect sites with malware, including ransomware.

Trends 97

Trends Open Source Software Review Malware 97

Palo Alto Networks

DECEMBER 11, 2024

This years evaluation was more rigorous than ever, incorporating false positive testing, macOS support and expanded Linux scenarios. These results reaffirm our commitment to providing the most comprehensive defense for every major OS Windows, macOS and Linux.

Linux 126

Linux Malware Research Groups 126

Tenable

OCTOBER 22, 2024

When Bash, a command interpreter used by Unix-based systems including Linux and macOS, processed this variable, it would execute the function, but also run the arbitrary commands appended after the function definition. Shellshock” quickly became one of the most severe vulnerabilities discovered, comparable to Heartbleed’s potential impact.

Software Review 75

Software Review Windows Groups Network 75

Lacework

APRIL 22, 2021

Sysrv-hello is a multi-architecture Cryptojacking (T1496) botnet that first emerged in late 2020, and employs Golang malware compiled into both Linux and Windows payloads. The malware is equal parts XMRig cryptominer and aggressive botnet-propagator.

Infrastructure 103

Infrastructure Malware Linux Windows 103

CIO

AUGUST 28, 2024

Conclusión nº 1: La interrupción de CrowdStrike fue más que un defecto técnico Sí, Microsoft permitió el acceso a su kernel mientras que Apple y la mayoría de las variantes de Linux no lo hicieron, permitiendo los malos parches que causaron el problema. Érase una vez el malware.

Airlines 177

Airlines Windows Malware DevOps 177

Lacework

FEBRUARY 27, 2023

Jared Stroud Cloud Security Researcher, Lacework Labs Modern Linux malware binaries are being shipped with one or more embedded files. Prior to the “real payload” being dropped, it’s common to see checks for the host’s CPU architecture, Linux distribution or […]

Linux 98

Linux Malware Architecture Research 98

O'Reilly Media - Ideas

APRIL 16, 2024

A couple of weeks ago, a supply-chain attack against the Linux xz Utils package, which includes the liblzma compression library, was discovered just weeks before the compromised version of the library would have been incorporated into the most widely used Linux distributions. We’ve been very lucky.

Malware 122

Malware Open Source Linux Social 122

Kaseya

MAY 14, 2020

Failure to Protect Against Data Corruption and Malware. Despite the growing frequency of headline-grabbing incidents, failing to detect malware in backup environments continues to be among the most common issues causing disaster recovery failures. Most malware infections target Windows-based systems. .

Disaster Recovery 141

Disaster Recovery Backup Software Review Technical Review 141

Tenable

APRIL 8, 2025

Microsoft identified this vulnerability in ransomware deployed by the PipeMagic malware via the group tracked as Storm-2460. of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 25.6%. It was assigned a CVSSv3 score of 7.8 and is rated as important. It was exploited in the wild as a zero-day.

Windows 78

Windows Azure Malware Media 78

Lacework

FEBRUARY 27, 2023

In this edition of ELF of the Month, we take a look at a Linux DDoS sample […] James CondonDirector of Research, Lacework Labs Each month we take a look at a malicious Executable and Linkable Format (ELF) file, the common executable file format for Unix and Unix-like Operating Systems, and share details about the sample.

Linux 52

Linux Malware Operating System Research 52

The Crazy Programmer

NOVEMBER 10, 2021

For instance, it will notice when a host has been infected with malware and tries to spread the malware across the network. An Anomaly-based Intrusion Detection System (AIDS) is designed to pinpoint unknown cybersecurity attacks such as novel malware attacks. It will compare the attacks against an established baseline.

System 173

System Tools Artificial Inteligence Malware 173

Lacework

MARCH 29, 2022

They never miss an opportunity to cash in, whether they take advantage of common cloud configuration mistakes, target software supply chains, or adapt malware to evade detection. This malicious update opened up Linux systems to receive and run the open-source cryptocurrency miner, XMRig. Linux Malware and the Cloud.

Report 91

Report Cloud Malware Linux 91

Linux Academy

APRIL 29, 2019

By adding free cloud training to our Community Membership, students have the opportunity to develop their Linux and Cloud skills further. Each month, we will kick off our community content with a live study group allowing members of the Linux Academy community to come together and share their insights in order to learn from one another.

Linux 60

Linux AWS Big Data Course 60

CIO

AUGUST 25, 2022

After all, you wouldn’t want your haptic glove to misbehave in the metaverse or your autonomous vehicle sensors to be hijacked by malware. Separating system and application spaces is already gaining followers for immutable Linux operating systems – even in consumer devices. Operating Systems for the edge.

CTO 148

CTO 3D Linux Open Source 148

Edgewise

JANUARY 31, 2019

What happens, then, when a cyber attack, namely malware, is used to uninstall security software designed specifically to prevent public cloud infrastructure compromise? This is precisely what happened with a new malware variant discovered by Palo Alto Networks’ Unit 42.

Malware 75

Malware Cloud Linux Infrastructure 75

O'Reilly Media - Ideas

JANUARY 5, 2021

The attack came through malware planted in a security product from SolarWinds. Google’s FuschiaOS, a possible replacement for the Android’s Linux kernel, is now “ open for contributions.” The end of CentOS Linux ? CentOS may live on independently as Rocky Linux. The attack may well be the most serious in cyber-history.

Trends 127

Trends Linux Artificial Inteligence Systems Review 127

Lacework

APRIL 16, 2021

Modern Linux malware binaries are being shipped with one or more embedded files. Prior to the “real payload” being dropped, it’s common to see checks for the host’s CPU architecture, Linux distribution or a series of other factors that influence which embedded [.].

Linux 83

Linux Malware Architecture 83

Aqua Security

APRIL 22, 2020

This is being exploited by malicious actors to embed sophisticated malware in innocent-looking images. While mature projects such as the official Linux distributions have well-defined review processes, smaller projects lack the resources to effectively review code from trusted contributors and have weak governance.

Analysis 95

Analysis Software Review Open Source Malware 95

Palo Alto Networks

DECEMBER 29, 2022

23, a new variant of wiper malware, named HermeticWiper, was discovered in Ukraine. In January 2022, Unit 42 researchers were able to map out three large clusters of Gamaredon’s infrastructure used to support different phishing and malware purposes. New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

Malware 80

Malware Linux Telecommunications Government 80

O'Reilly Media - Ideas

JULY 2, 2024

The Podman AI Lab is a good way for Linux users to experiment with running AI locally. Linux malware controlled by emojis sent from Discord ? The malware, which spreads through phishes, uses emojis to send commands. A new kind of phish uses the Windows Search protocol to download malware. That’s creative.

Artificial Inteligence 117

Artificial Inteligence Trends Software Review Malware 117

CIO

MAY 15, 2024

A model trained on, say, an archive of flat earth conspiracy theories will be bad at answering science questions, or a model fine-tuned by North Korean hackers might be bad at correctly identifying malware. They’re also full of inaccurate and biased information, malware, and other materials that can degrade the quality of output.

Open Source 205

Open Source Weak Development Team Artificial Inteligence Training 205