Canonical, the driving force behind the popular Ubuntu operating system, has just unveiled the beta version of Ubuntu 24.04 LTS (code-named “Noble Numbat“). This release, aimed at public testing, offers users a sneak peek into the upcoming features and improvements before the official launch on April 25, 2024.   What’s Under the Hood?   Ubuntu […] read more

PHP 5 end of life left applications vulnerable to exploits due to the lack of ongoing security patches and updates. Sticking with PHP 5 restricts access to new features and performance improvements available in later versions. TuxCare’s Extended Lifecycle Support (ELS) for PHP offers security patching for end-of-life PHP versions. As a widely utilized language […] read more

Palo Alto Networks, a leading cybersecurity company, has recently issued a warning about a critical vulnerability in its PAN-OS software, specifically affecting its GlobalProtect gateways. The Palo Alto zero-day attack flaw, identified as CVE-2024-3400, carries a maximum CVSS severity score of 10.0, reflecting the critical risk it poses to users. It allows unauthenticated attackers to […] read more

The Ubuntu security team has recently rolled out critical security updates aimed at addressing several vulnerabilities identified in Squid, a widely used web proxy cache server. These vulnerabilities, if left unaddressed, could potentially expose systems to denial-of-service attacks. Let’s delve into the specifics of these vulnerabilities and understand their implications.   Recent Squid Vulnerabilities Fixed […] read more

A critical flaw has been discovered in the Rust standard library that could lead to serious command injection attacks against Windows users. The BatBadBut vulnerability, tracked as CVE-2024-24576, carries the highest possible CVSS score of 10.0, indicating the utmost severity. However, its impact is limited to scenarios where batch files are invoked on Windows systems […] read more

PALO ALTO, Calif. – April 23, 2024 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced that Glen Kuhne now serves as vice president of enterprise sales. Kuhne previously served as TuxCare’s enterprise customer success manager since January 2021.  Helping drive much of TuxCare’s ongoing growth throughout the last three years, Kuhne […] read more

Have you ever downloaded a file and wondered if it’s safe? Now, there’s a powerful new weapon in the fight against malware thanks to the Cybersecurity and Infrastructure Security Agency (CISA). They’ve released a free tool called Malware Next-Gen that allows anyone to submit suspicious files for analysis.   What is Malware Next-Gen   It […] read more

Several security vulnerabilities have been identified in LG webOS, the operating system running on LG smart TVs. These LG Smart TV vulnerabilities could be exploited to bypass authorization controls and gain root access to the devices. Romanian cybersecurity firm Bitdefender discovered the LG Smart TV vulnerabilities in November 2023, and LG released updates on March […] read more

Recently, researchers uncovered a significant threat dubbed Spectre v2, a variant of the notorious Spectre attack, targeting Linux systems running on modern Intel processors. Let’s delve into the intricacies of this exploit, its implications, and the measures being taken to mitigate its impact.   Spectre v2 Attack Details   The first native Spectre v2 exploit […] read more

The virsh command is used for managing guest virtual machines.  You can start, stop, reboot, and get information about VMs effortlessly with commands. Automating security patching on KVM virtualization systems is possible with the QEMUCare live patching solution.   KVM (Kernel-based Virtual Machine) is a powerful open-source virtualization technology built into the Linux kernel. It […] read more

Researchers at Proofpoint have found out that the TA547 phishing attack campaigns have been targeting different German companies. Identified as TA547, the threat actor has been using an information stealer called Rhadamanthys to get its hand on important financial data of companies. This information is then used by several cybercriminal threat actors. The TA547 phishing […] read more

PHP Extended Lifecycle Support (ELS) allows you to continue using older versions of PHP while still receiving security updates for the language, without introducing breaking changes to your application. The first and obvious question might be, “Why would I want to do that instead of simply updating PHP?” Assuming your organization can upgrade your existing […] read more

In light of cookie stealing attacks and to ensure Chrome browser protection, Google has recently piloted its new Chrome DBSC. The device-bound session credentials (DBSC) are aimed at protecting users against cookie theft that threat actors may carry out using malware.  It’s worth noting that the Chrome DBSC prototype has only been tested against some […] read more

On April 3, 2024, the Linux kernel maintainer Greg Kroah-Hartman announced the last 6.7.12 kernel version and end of life (EOL) for the Linux kernel 6.7 series. All users are encouraged to upgrade to the latest Linux kernel 6.8 immediately. Linux kernel 6.7 was initially released on January 7, 2024, introducing several new features and […] read more

Management and support are key components for the efficient utilization of an operating system in cloud computing environments. Adopting security best practices like regular updates, disabling unnecessary services, and configuring firewalls are essential. TuxCare’s Enterprise Support for AlmaLinux offers several key benefits, making it an indispensable partner for managing AlmaLinux deployments.   AlmaLinux is a […] read more

In the realm of smartphone security, the recent spotlight has fallen on Google Pixel devices, where two zero-day vulnerabilities have been unearthed and promptly addressed by Google. As per recent reports, the Android zero-day flaw, and others like it, were exploited by forensic firms, shedding light on the intricacies of smartphone security and the measures […] read more

Researchers from ETH Zurich have uncovered a new attack method dubbed “Ahoi Attacks” that threatens the security of confidential virtual machines (CVMs) within cloud environments. Described as a family of attacks, there are two variations: Heckler and WeSee. This article explores the technical details of these attacks and their potential impact.   Heckler   Heckler […] read more

In the digital landscape, security is paramount, especially for web servers handling vast amounts of data. As per recent reports, a vulnerability has emerged within the HTTP/2 protocol, shedding light on potential Denial of Service (DoS) attacks. Let’s explore the intricacies of the HTTP/2 vulnerability, its implications, and recommended measures for safeguarding against such threats. […] read more

Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD (Value Change Dump) files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users. The security updates address a total of 82 identified vulnerabilities. This article details some of the patched […] read more

An increasing proportion of critical business infrastructure today exists in the cloud. Companies are investing more and more in digital assets and tools every day. In some industries, workflows are entirely cloud based, leaving a company’s lifeblood in the hands of digital infrastructure. This trend hasn’t gone unnoticed by cybercriminals. They’ve taken to assaulting cloud […] read more

In recent news, the U.S. Cyber Safety Review Board (CSBR) has raised concerns over Microsoft’s handling of the Storm-0558 attacks, highlighting significant security lapses that allowed a China-based nation-state group to breach the defenses of numerous organizations. Let’s have a look at these findings and the implications of the CSBR’s critique, shedding light on key […] read more

DinodasRAT, a C++-based malware, has emerged as a serious threat to Linux users. Initially discovered targeting Windows systems, researchers have recently reported a Linux variant of this multi-platform backdoor actively deployed in cyberattacks. This article explores the capabilities of DinodasRAT (also known as XDealer) and the dangers it poses to Linux servers. Recent findings from […] read more

Protecting the web server with sensitive information is crucial to secure your website. Linux servers are one of the most popular choices among developers and businesses. According to a report, 96.3% of the top 1 million web servers run on Linux. So, there is no denying that Linux has a massive market presence, and data […] read more

Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and infections. If exploited, the flaw allows users to add SQL queries, which, in turn, gives them access to sensitive information. In this article, we’ll dive into the details of the […] read more

In a digital landscape fraught with threats, vigilance is paramount. The cybercriminals are exploiting End-of-Life devices to perpetrate their malicious activities. Recently, Black Lotus Labs, the formidable threat intelligence arm of Lumen Technologies, has cast light upon a looming menace: TheMoon botnet.  This insidious entity, lurking within the shadows of outdated small office/home office (SOHO) […] read more

Multiple security vulnerabilities were discovered in Cacti, a widely used web interface for monitoring system graphs. These vulnerabilities, if exploited, could lead to severe consequences such as cross-site scripting (XSS), SQL injection, or command injection. In response, the Debian security team has promptly released security updates to mitigate these vulnerabilities in Debian 11 “Bullseye” and […] read more

Two terms frequently trip up even seasoned data security professionals: patch management and vulnerability management. But while both are undeniably crucial for keeping your digital systems secure—and share similarities—they play distinct roles. The former is a swift responder that plugs security holes before threats can exploit them. It’s a subset of the latter, which involves […] read more

In light of recent cyber threats, a CISA SharePoint vulnerability warning has been issued. According to media reports, threat actors are exploiting the remote code execution flaw to launch arbitrary code, which allows them to have Site Owner privileges. This CISA SharePoint vulnerability has also been added to the CISA Known Exploited Vulnerabilities (KEV) catalog.  […] read more

A vulnerability has been identified in the wall command-line utility in Linux, which could allow an attacker to steal user passwords or modify the clipboard on the victim’s system. Dubbed “WallEscape” and officially tracked as CVE-2024-28085, the vulnerability resides in the wall command within the util-linux package, present in Linux distributions for over a decade, […] read more

In light of recent cyber threats, the Dracula phishing platform has prevailed, targeting organizations in over 100 countries. The Dracula phishing attacks are centered on leveraging an immense network of over 20,000 counterfeit domains to scale the implementation of malicious intent.  As per recent reports, the Dracula phishing campaign encompasses several high-profile attacks where both […] read more

SQL injection vulnerabilities, often abbreviated as SQLi, persist as a significant issue in commercial software products. In response to a recent highly publicized malicious campaign exploiting SQLi vulnerabilities in a managed file transfer application, impacting a multitude of organizations, CISA and the FBI issued the Secure by Design Alert. They advise senior executives in technology […] read more

In an unexpected move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced an initiative aimed at bolstering the security posture of open-source software developers. This initiative, as reported by Axios, marks a significant pivot in the federal government’s approach to cybersecurity, acknowledging the critical role that open-source projects play in the foundational infrastructure […] read more

In light of the recent cybercriminal activity, new user sign-ups on the PyPI platform were halted. Currently, an increase in PyPI malicious package uploads is being deemed the reason behind the suspension. In this article, we’ll dive into the details of the PyPI malicious package uploads and learn more about the temporary suspension the administrator […] read more

Update April 8th, 2024: Updated ETA for CloudLinux 6h and CloudLinux 7. Update April 10th, 2024: Live patch for CloudLinux 6h and CloudLinux 7 are now available. The KernelCare team is working on deploying a live patch for CVE-2024-1086 for CloudLinux users. A patch has already been released for CloudLinux 6h and CloudLinux 7, and […] read more

The recent joint warning issued by CISA, NSA, FBI, and other U.S. government and international partners highlights a critical cybersecurity threat: Volt Typhoon, a Chinese hacking group. This group has targeted critical infrastructure in the United States, raising concerns about potential disruption in the face of geopolitical tensions. Volt Typhoon’s hacking tactics are particularly concerning […] read more

Handling end of life (EOL) for operating systems is a relatively common, if cumbersome, task that IT teams have to grapple with as part of their activity. Yet, operating systems aren’t the sole components of our digital infrastructure facing this inevitable sunset. The end of support for critical software components, particularly programming languages, can trigger […] read more