Tag: Linux
Cybersecurity Threat Advisory: Play Ransomware expands
A new Linux variant of the infamous Play Ransomware, also known as Balloonfly and PlayCrypt, was recently discovered. This variant targets VMware ESXi environments, indicating a strategic shift by the threat actors involved. Review this Cybersecurity Threat Advisory for recommendations...
Cybersecurity Threat Advisory: OpenSSH vulnerability threatens remote code execution
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. Please review the information in this Cybersecurity Threat Advisory to limit your potential...
Cybersecurity Threat Advisory: Cisco patches high-severity bug
Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...
Cybersecurity Threat Advisory: Glibc root access vulnerability
A critical security flaw in the GNU C Library (glibc) has been disclosed, tracked as CVE-2023-6246. It allows malicious attackers to gain full root access on Linux machines. Read this Cybersecurity Threat Advisory to learn how to mitigate the risks...
Cybersecurity Threat Advisory: Bibi-Windows Wiper on the rise
Israel has recently been the target of cyberattacks involving a wiper malware that was previously observed to target both Linux and Windows systems. The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of...
Cybersecurity Threat Advisory: OpenSSH vulnerability on Linux systems
In this Cybersecurity Threat Advisory, a critical security flaw in OpenSSH, CVE-2023-38408 has been discovered. This vulnerability could potentially lead to remote code execution in OpenSSH’s forwarded SSH agent, affecting Linux systems and posing a significant threat to organizations’ cybersecurity posture....
Cybersecurity Threat Advisory: Linux Kernel Vulnerability
The Zero Day Initiative (ZDI) has disclosed a new Linux Kernel Vulnerability that could lead to code execution in the context of the kernel. The security flaw is a bug in the new Linux 5.15 SMB3 server, ksmbd. The ZDI...
Tech Time Warp: Linus Torvalds introduces Linux
They say hindsight is 20/20, which is why Linus Torvalds’ Aug. 25, 1991, message to a MINIX newsgroup is so humorous now: “I’m doing a (free) operating system (just a hobby, won’t be big and professional like gnu) … it...
Cybersecurity Threat Advisory: Dirty pipe Linux vulnerability provides privilege escalation
Security researchers have discovered and released information on new vulnerabilities and kernel level exploits to the public. The vulnerabilities: CVE-2022-049 and CVE-2022-0847 are some of the highest severity exploits and affect out-of-date Linux distros. Due to the similarities with the...
Oracle’s autonomous cloud tools should get you thinking about automation
Even with the shift to the cloud, it’s still up to IT to make sure that Linux is being patched and updated on a regular basis — which is often a tedious job. Oracle announced a product this week to help: a...
