Google’s Project Zero has discovered 18 zero-day vulnerabilities in Samsung’s Exynos chips, which attackers could use to completely compromise a phone without the user’s knowledge. The flaws affect a wide range of Android smartphones from Samsung, Vivo, and Google, as well as wearables and vehicles that use Exynos W920 and Exynos Auto T5123 chipsets. The […] read more

A new variant of IceFire ransomware has been discovered that targets Linux systems. In the past, it has been found to target Windows only. This ransomware is known for targeting technology companies, while in Linux, it appears to be targeting media and entertainment companies. The ransomware operators target large enterprises and utilize techniques like double […] read more

Cybersecurity threats are ever present and government organizations face unique challenges in securing the sensitive information of citizens. As workers with limited technology training become increasingly susceptible to threat actors, the need for comprehensive cybersecurity education has never been greater.  In this article, we discuss why cybersecurity education matters to government organizations and how training […] read more

ReliaQuest has discovered a security incident caused by the QBot banking trojan in a client’s environment. A threat actor gained access to the network via a phishing email, installed the QBot malware, and escalated privileges and established a foothold in 77 minutes. The attacker’s behavior indicated that they were a member of the Black Basta […] read more

Docker is a popular open-source containerization platform that helps to create, deploy, and manage applications in a containerized environment. Recently, concerns have been raised in the open-source community regarding the actions taken by Docker’s team. An email was sent to users mentioning that a Free Team organization subscription tier is no longer available. Moreover, their […] read more

Sometimes getting 101’s right comes down to how seriously you take the issue – whether it’s given the right level of priority. Take health 101’s: we know we shouldn’t eat too much fast food and that we should exercise, but without the evidence staring us in the face, we sometimes fail to get it right. […] read more

Offensive Security has announced the release of Kali Linux 2023.1, marking the 10th anniversary of the project. The latest version of the distribution includes a new distro named ‘Kali Purple’, designed for Blue and Purple teamers to enhance defensive security. The project is still in its early stages but already includes over 100 defensive tools […] read more

The sanctions imposed on the Russian government and its defense industry have caused some interesting issues in the open-source community. The conflict between Russia and Ukraine has led the US and other western governments to sanction the Russian government. Enforcing sanctions in community-driven open-source projects can be more difficult because many developers use pseudonyms and […] read more

IoT in manufacturing and production industries enables higher levels of automation, data collection, and efficiency, so it’s no surprise that IoT empowers manufacturers tremendously.  In this blog, I’ll be walking you through some of the most common benefits that manufacturers using IoT technology enjoy, best practices, and how organizations can secure their IoT environments with […] read more

Cybercriminals have found a new way to distribute info-stealing malware to unsuspecting users by abusing Adobe Acrobat Sign, a popular online document signing service. Avast researchers discovered that threat actors register with the service and use it to send malicious emails to predefined email addresses. The emails are designed to appear to be from the […] read more

A new Ubuntu Desktop is in development that provides the usual Ubuntu experience with the addition of Flatpak preinstalled. Since Canonical announced it to not include Flatpak by default, many users were unhappy with the decision. It is the unofficial flavor of Ubuntu that comes with complete support for the Flatpak package format. Although the […] read more

“No plan survives contact with the enemy” is one of the truisms of conflict. It’s somewhat (un)surprising how accurately this describes the cybersecurity posture of most organizations. Best laid plans can come crumbling down the minute an adversary tries something we did not account for, and this will not become apparent until it happens.   […] read more

Btrfs, the short form for “B-Tree File System,” is a Linux kernel-based, state-of-the-art file system that seeks to replace the current standard ext4 file system for Linux distributions while simultaneously providing next-generation features. These features include acting as a RAID array manager, volume manager, and much more. Btrfs has five different multiple disk topologies that […] read more

Reaching an acceptable level of cyber hygiene is a challenge for all healthcare providers, hospitals, and pharmaceutical companies. Many security breaches occur with legacy systems and redundant processes that often go unpatched and unmanaged, creating exposed vulnerabilities that can lead to future exploits. Fortunately, with a modern approach to vulnerability patching, organizations in the healthcare […] read more

Cybersecurity researchers from SentinelLabs discovered a new variant of the Icefire ransomware, with a specific focus on Linux enterprise systems. SentinelLabs was the first to detect the malware, which encrypts files on the infected system and demands a ransom for their release. It is identified as CVE-2022-47986 in the Common Vulnerabilities and Exposures (CVE) database. […] read more

Vanilla OS 2.0 had been using Ubuntu from its early development stages, but now it is all set to shift to Debian Sid. Vanilla OS 2.0 is one of the newer Linux distributions with the goal of providing a better Linux desktop experience. With the upcoming release of Vanilla OS 2.0 Orchid, the Vanilla OS […] read more

The core reason why organizations utilize CI/CD is that they’re supremely beneficial for system administration, live patching, or patch management, as well as testing code changes through integration and continuous delivery.    I’ll be walking you through what CI/CD tools are, how integral cloud CI/CD is for developers today, and the factors you should consider […] read more

A former TikTok risk manager has met with congressional investigators to express his concerns that the company’s plan for protecting user data in the United States is deeply flawed, pointing to evidence that could inflame lawmakers’ suspicion of the app at a time when many are considering a nationwide ban. According to the whistleblower, Project […] read more

In the current scenario where almost all software uses open-source code, at least one known open-source vulnerability was detected in 84% of them. The researchers at the application security company Synopsys investigated and found vulnerabilities in all commercial and proprietary code bases. Additionally, Synopsys researchers also discovered that high-risk vulnerabilities were present in 48% of […] read more

It’s been about a decade since the discovery of Heartbleed, a dangerous OpenSSL exploit that affected millions of systems – and a vulnerability that made its way into popular news media. History, right? Technology moves fast… ten years is a long time… and that vulnerability is long gone, right? Wrong.  We’re posting yet another article […] read more

Palo Alto Networks’ Unit42 researchers have discovered a new GoBruteforcer malware that targets phpMyAdmin, MySQL, FTP, and Postgres. The newly discovered Golang-based botnet malware seeks out and infects web servers running phpMyAdmin, MySQL, FTP, and Postgres services. According to the researchers: “For a successful execution, the samples require special conditions in the victim’s system, such […] read more

Several critical vulnerabilities were detected in the Linux kernel that could cause a denial of service (DoS), possibly execute arbitrary code, and leak sensitive information. Additionally, important updates for PHP and Sudo have been released to avoid the risk of unauthorized access, compromise of sensitive information and files, and DoS attacks. It is recommended for […] read more

Buffer overflow vulnerabilities are still a common route by which cyber criminals get illegal access to computer systems. It’s a growing problem too as there is a steady year-on-year increase in buffer overflow vulnerabilities. It’s an old problem too. You might not know this, but buffer overflow attacks are one of the oldest attack vectors – buffer […] read more

According to cybersecurity firm Mandiant, a North Korean espionage group known as UNC2970 has been carrying out spear-phishing attacks against media and technology organizations in the US and Europe since June 2022, using new and previously unknown malware families. The Mandiant report says security researchers were the primary targets of the attacks, which involved the […] read more

Linux Torvalds announced the first release candidate for Linux Kernel 6.3 on March 14, 2023. This kernel release candidate officially starts the testing phase for the upcoming Linux Kernel 6.3. With the release of Linux 6.2, the two-week merge window for Linux Kernel 6.3 opened automatically. The first Release Candidate (RC) version is now accessible […] read more

We need an opportunity to achieve our cybersecurity goals. The tighter this window, the harder it becomes to do our cybersecurity jobs. Recent reports stating that the time to exploit is still narrowing is, therefore, not good news.  In this article, we’ll outline how the window between vulnerability identification and exploitation has reduced, what that […] read more

PALO ALTO, Calif. – March 21, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it received top honors in this year’s coveted Cybersecurity Excellence Awards.   The company’s KernelCare Enterprise live patching solution took home the award program’s gold award in the Security Automation category. Providing fully automated security patching […] read more

Mandiant researchers have discovered a malware campaign that targets SonicWall SMA 100 Series appliances and is thought to have originated in China. The malware was most likely introduced in 2021 and has proven to be extremely resilient, withstanding firmware upgrades. Its primary goal is to steal user credentials and grant the attacker high-privileged access via […] read more

You don’t need to be a Linux mastermind to recover lost and deleted data in Linux. With the right know-how, you can recover both, and this goes for information that was corrupted and deleted by cybercriminals as well as data that was inadvertently deleted due to unpatched software or a faulty migration.  In this blog […] read more

Two buffer overflow vulnerabilities in the Trusted Platform Module (TPM) 2.0 specification could allow attackers to access or replace sensitive data such as cryptographic keys. Quarkslab security researchers uncovered the vulnerabilities in the Trusted Platform Module (TPM) 2.0 reference library specification, sparking a massive cross-vendor effort to identify and patch vulnerable installations. According to a […] read more

Canonical has released new Linux kernel security updates that address 17 vulnerabilities affecting Ubuntu 22.10, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS systems running Linux kernel 5.19 or Linux kernel 5.15 LTS. These updates arrived three weeks after the previous Ubuntu kernel security patches and are applicable to Ubuntu 22.10 (Kinetic Kudu) and Ubuntu 22.04 […] read more

Lucky Mouse, a cyber threat group, has created a Linux version of the malware called SysUpdate, increasing its ability to attack devices that use the operating system. This latest campaign, according to Trend Micro researchers, involved the distribution of both Linux and Windows variants of SysUpdate against a variety of targets, including a Philippines-based gambling […] read more

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a free and open-source tool called Decider to assist defenders in mapping adversary behavior to the MITRE ATT&CK architecture. Decider is a software tool designed to simplify the process of mapping adversary behavior to the MITRE ATT&CK framework. It streamlines the mapping process by prompting […] read more

It’s crucial for organizations to adopt patch management best practices to keep their systems as secure as possible. I’ll be walking you through the importance of applying these practices for easy vulnerability management.  But first, let’s touch upon what patch management is and the best practices organizations can follow to streamline their operations while meeting […] read more

Brave Search now includes Summarizer, an AI-powered tool that provides a summarized answer to an inputted question before the rest of the search results. It responds to the user’s input with concise and to-the-point answers at the top of Brave Search results pages, based solely on Web search results. We trained our large language models […] read more

Recently, Canonical announced that all Ubuntu Flavors would not include Flatpak by default. Flatpak was introduced to Ubuntu several years ago with the goal of providing a user-friendly way to install and run applications that are not available in the Ubuntu repositories. Surprisingly, Ubuntu flavors have recently decided to stop their support for Flatpak for […] read more