Interesting: What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines. Instead of being a standalone executable file that is run to infect a machine, it is a shared object (SO) library that is loaded into all … Read More “Symbiote Backdoor in Linux” »
Category: linux
Auto Added by WPeMatico
In kernel version 5.17, both /dev/random and /dev/urandom have been replaced with a new — identical — algorithm based on the BLAKE2 hash function, which is an excellent security improvement. Powered by WPeMatico
It’s a privilege escalation vulnerability: Linux users on Tuesday got a major dose of bad news — a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running most major distributions of the open source operating system. Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes. It provides … Read More “Twelve-Year-Old Linux Vulnerability Discovered and Patched” »
Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021. Ten times more Mozi malware samples were observed in 2021 compared to 2020. … Read More “Linux-Targeted Malware Increased by 35%” »
This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security. Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very old versions of … Read More “Router Security” »
The attack requires physical access to the computer, but it’s pretty devastating: On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can bypass the login screen of a sleeping or locked computer — and even its hard disk encryption — to gain full access to the computer’s data. And while his attack in … Read More “Attack Against PC Thunderbolt Port” »
BusKill is designed to wipe your laptop (Linux only) if it is snatched from you in a public place: The idea is to connect the BusKill cable to your Linux laptop on one end, and to your belt, on the other end. When someone yanks your laptop from your lap or table, the USB cable … Read More “USB Cable Kill Switch for Laptops” »
The Linux encryption app Cryptkeeper has a rather stunning security bug: the single-character decryption key “p” decrypts everything: The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper … Read More “Cryptkeeper Bug” »
Firefox is removing the battery status API, citing privacy concerns. Here’s the paper that described those concerns: Abstract. We highlight privacy risks associated with the HTML5 Battery Status API. We put special focus on its implementation in the Firefox browser. Our study shows that websites can discover the capacity of users’ batteries by exploiting the … Read More “Firefox Removing Battery Status API” »