SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
Archive
#Linux
18 Dec 2017

"Zealot" campaign uses NSA exploits to mine Monero on Windows and Linux servers

An aggressive and sophisticated malware campaign is currently underway, targeting Linux and Windows servers with an assortment of exploits with the goal of installing malware that mines the Monero cryptocurrency.

The campaign was detected by security researchers from F5 Networks, who named it Zealot, after zealot.zip, one of the files dropped on targeted servers. According to Maxim Zavodchik and Liron Segal, two security researchers for F5 Networks, the attackers are scanning the Internet for particular servers and using two exploits, one for Apache Struts and one for the DotNetNuke ASP.NET CMS, to get a foothold on unpatched machines.

Tags: Linux, NSA, Windows
Source: BleepingComputer
20 Jul 2017

New Linux malware exploits SambaCry flaw to silently backdoor NAS devices

Almost two months ago, we reported on a 7-year-old critical remote code execution vulnerability in Samba networking software, allowing a hacker to remotely take full control of vulnerable Linux and Unix machines.

We dubbed the vulnerability SambaCry, because of its similarities to the Windows SMB vulnerability exploited by the WannaCry ransomware that wreaked havoc across the world over two months ago. Despite being patched in late May, the vulnerability is currently being leveraged by a new piece of malware to target Internet of Things (IoT) devices, particularly Network Attached Storage (NAS) appliances, researchers at Trend Micro warned.

Tags: Linux, information leaks
Source: The Hacker News
7 Jul 2017

Wikileaks unveils CIA implants that steal SSH credentials from Windows & Linux PCs

WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors.

Secure Shell, or SSH, is a cryptographic network protocol used for remote login to machines and servers securely over an unsecured network. The implants are dubbed BothanSpy, which targets the Xshell client on Microsoft Windows, and Gyrfalcon, which targets the OpenSSH client on various distributions of Linux.

Tags: Windows, Linux, Wikileaks, CIA, surveillance, information leaks
Source: The Hacker News
6 Jul 2017

Linux's systemd vulnerable to DNS server attack

Security experts are warning of a bug that could allow hackers to craft TCP packets that fool Linux's initialization daemon systemd, which could cause systems to crash or make them run malicious code.

Ubuntu maker Canonical has released a patch to address the issue discovered by Chris Coulson, a software engineer at the firm. "A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it," Coulson wrote. The bug could be used by a remote attacker to cause a denial of service in the daemon or execute arbitrary code.

Tags: information leaks, Linux
Source: ZDNet
3 Jul 2017

Wikileaks reveals CIA malware that hacks & spies on Linux computers

WikiLeaks has just published a new batch of the ongoing Vault 7 leak, this time detailing an alleged CIA project that allowed the agency to hack and remotely spy on computers running the Linux operating system.

Dubbed OutlawCountry, the project allows the CIA hackers to redirect all outbound network traffic on the targeted computer to CIA-controlled computer systems to exfiltrate and infiltrate data. The OutlawCountry Linux hacking tool consists of a kernel module, which the CIA hackers load via shell access to the targeted system to create a hidden Netfilter table with an obscure name on the targeted Linux system.

Tags: Linux, CIA, Wikileaks, surveillance
Source: The Hacker News
29 May 2017

A wormable code-execution bug has lurked in Samba for 7 years

Maintainers of the Samba networking utility just patched a critical code-execution vulnerability that could pose a severe threat to users until the fix is widely installed. The flaw can be reliably exploited with just one line of code to execute malicious code, as long as a few conditions are met.

Those requirements include vulnerable computers that (a) make file- and printer-sharing port 445 reachable on the Internet, (b) configure shared files to have write privileges, and (c) use known or guessable server paths for those files. When those conditions are satisfied, remote attackers can upload any code of their choosing and cause the server to execute it.

Tags: information leaks, Linux
Source: ArsTechnica
24 Feb 2017

11-year old Linux Kernel local privilege escalation flaw discovered

Another privilege-escalation vulnerability has been discovered in the Linux kernel that dates back to 2005 and affects major distributions of the Linux operating system, including Red Hat, Debian, OpenSUSE, and Ubuntu.

The over-a-decade-old Linux kernel bug was discovered by security researcher Andrey Konovalov in the DCCP implementation using Syzkaller, a kernel fuzzing tool released by Google. The vulnerability is a use-after-free flaw in the way the Linux kernel's "DCCP protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket."

Tags: information leaks, Linux
Source: The Hacker News
10 Jan 2017

KillDisk ransomware targets Linux

What will you do if ransomware infects you? Should you pay or not to recover your files? The FBI advises: pay off the criminals to get your files back if you don't have a backup. But paying off a ransom to cyber criminals is not a wise option because there is no guarantee that you'll get the decryption key in return.

In the latest incident, a new variant of KillDisk ransomware has been found encrypting Linux machines, making them unbootable with data permanently lost. What is KillDisk? It is destructive data-wiping malware that has previously been used to sabotage companies by randomly deleting files from the computers.

Tags: Linux, hackers, fraud
Source: The Hacker News
4 Jan 2017

Linux backdoor gives hackers full control over vulnerable devices

Security company ESET discovered a new form of malware that’s specifically targeting embedded Linux devices with the purpose of infecting them and providing hackers with full control, while also leaving the door open for a series of other dangerous tasks, including launching DDoS attacks.

Called Rakos, the new malware launches attacks at embedded devices and servers with an open SSH port and uses brute force attempts to crack the password. Rakos creators want to infect as many systems as possible to create a botnet that could then be used for other malicious attacks.

Tags: Linux, information leaks
Source: Softpedia
16 Nov 2016

This hack gives Linux root shell just by pressing enter for 70 seconds

A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds.

The result? The act grants the hacker a shell with root privileges, which allows them to gain complete remote control over an encrypted Linux machine. The security issue is due to a vulnerability in the implementation of the Cryptsetup utility used for encrypting hard drives via Linux Unified Key Setup, which is the standard implementation of disk encryption on a Linux-based operating system. The flaw is actually in the way the Cryptsetup utility handles password failures for the decryption process when a system boots up.

Tags: Linux, information leaks
Source: The Hacker News