A new trojan named Mirai has surfaced, and it's targeting Linux servers and IoT devices, mainly DVRs, running Linux-based firmware, for the purpose of enslaving these systems as part of a large botnet used to launch DDoS attacks. Mirai is an evolution of an older trojan, also used for DDoS attacks.
Mirai's mode of operation is largely the same as Gafgyt, targeting IoT devices running BusyBox, a slimmed-down version of select GNU tools and libraries, usually deployed on small embedded hardware. The trojan also targets only a specific set of platforms, on which IoT devices are usually built.
An estimated 80 percent of Android smartphones and tablets running Android 4.4 KitKat and higher are vulnerable to a recently disclosed Linux kernel flaw that allows hackers to terminate connections, spy on unencrypted traffic or inject malware into the parties' communications.
Even the latest Android Nougat Preview is considered to be vulnerable. The security flaw first appeared in the implementation of the TCP protocol in all Linux systems deployed since 2012, and the Linux Foundation has already patched the Linux kernel. However, the vulnerability is now affecting a large portion of the Android ecosystem.
Computer scientists have discovered a serious Internet vulnerability that allows attackers to terminate connections between virtually any two parties and, if the connections aren't encrypted, inject malicious code or content into the parties' communications.
The vulnerability resides in the design and implementation of RFC 5961, a relatively new Internet standard that's intended to prevent certain classes of attacks. In fact, the protocol is designed in a way that it can easily open Internet users to so-called blind off-path attacks, in which hackers anywhere on the Internet can detect when any two parties are communicating over an active transmission control protocol connection.
No software is immune to being hacked! Not even Linux. The Ubuntu online forums have been hacked, and data belonging to over 2 million users has been compromised, Canonical announced.
The compromised users' data include their IP addresses, usernames, and email addresses, according to the company, which failed to apply a patch to secure its users' data. However, users should keep in mind that the hack did not affect the Ubuntu operating system, nor was it due to a vulnerability or weakness in the OS. Instead, the breach only affected the Ubuntu online forums that people use to discuss the OS.
Linux Mint forum users, and anyone who downloaded and installed a copy of the 17.3 Cinnamon edition on Saturday, have probably been compromised by hackers and need to take action immediately, the distro's creator has warned.
Clem Lefebvre confirmed in a blog post that the "intrusion" had taken place over the weekend. He said: "Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it." He added that the resultant malware infection had only affected ISOs downloaded from the Linux Mint site on Saturday, February 20. "As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition," Lefebvre said.
A highly critical vulnerability has been uncovered in the GNU C Library, a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers that can take full control over them.
Just clicking on a link or connecting to a server can result in remote code execution, allowing hackers to steal credentials, spy on users, seize control of computers, and much more. The vulnerability is similar to last year's GHOST vulnerability, which left countless machines vulnerable to remote code execution attacks, representing a major Internet threat.
Four vulnerabilities in the Graphite font processing library allow attackers to compromise machines by supplying them with malicious fonts. Graphite's authors describe the library as a tool capable of creating "smart fonts" that can display dynamic glyphs for showing complex writing systems.
Many applications use Graphite, and among them are Firefox, Pale Moon, Thunderbird, OpenOffice, LibreOffice, and WorldPad, but the library is also used in many Linux distros. According to an advisory, this library includes four vulnerabilities. The worst is an out-of-bounds read bug that allows attackers to crash the system and even execute arbitrary code on the machine.
Dr.Web, a Russian antivirus maker, has detected a new threat against Linux users, the Linux.Ekocms.1 trojan, which includes special features that allow it to take screengrabs and record audio.
Discovered four days ago, Linux.Ekocms is only the latest threat targeting Linux PCs, after the Linux.Encoder ransomware family and the Linux XOR DDoS malware had caused a large number of issues last autumn and put a dent in Linux's status as impermeable when it comes to malware infections. According to Dr.Web, this particular trojan is part of the spyware family and was specially crafted to take a screenshot of the user's desktop every 30 seconds.
A new zero-day vulnerability has been discovered that allows Android or Linux applications to escalate privileges and gain root access, according to a report released this morning by Perception Point.
"This affects all Android phones KitKat and higher," said Yevgeny Pats, co-founder and CEO at security vendor Perception Point. Any machine with Linux Kernel 3.8 or higher is vulnerable, he said, including tens of millions of Linux PCs and servers, both 32-bit and 64-bit. Although Linux lags in popularity on the desktop, the operating system dominates the Internet, mobile, embedded systems and the Internet of Things, and powers nearly all of the world's supercomputers.
So what would anyone need to bypass password protection on your computer? They just need to hit the backspace key 28 times, at least on a computer running the Linux operating system. Wait, what?
A pair of security researchers have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing the backspace key 28 times. This time, the issue is neither in a kernel nor in an operating system itself; rather, the vulnerability resides in Grub2, the popular Grand Unified Bootloader, which is used by most Linux systems to boot the operating system when the PC starts.