Beware of a new threat in the cyber realm: the ‘Ddostf’ malware botnet is on the prowl, specifically targeting MySQL servers. This malicious botnet enslaves MySQL servers for a sinister purpose – running a DDoS-as-a-Service platform that can be rented out to other cybercriminals. The discovery of this nefarious campaign comes courtesy of the diligent […] read more

Cybersecurity incidents are more than availability problems Malicious actors are using the legal process to their advantage Personal liability for cybersecurity mishandling is becoming more common   Cybersecurity incidents, once dismissed as minor disruptions, have evolved into significant threats with far-reaching consequences. Initially seen as temporary setbacks, their impact on business operations was underestimated. Over […] read more

On Tuesday, November 14th, 2023, the United States (US) government initiated the IPStrom takedown, Russian mastermind pled guilty to being the brains behind the operation. The IPStrom malware network was taken down as the botnet had infected Windows systems and other electronic devices worldwide.  In this article, we’ll shed light on why this event is […] read more

For the past six months, an unidentified threat actor has been slipping malicious packages into the Python Package Index (PyPI), a repository for Python software. The aim? To unleash malware capable of sneaking into your system, stealing sensitive data, and even nabbing your hard-earned cryptocurrency. According to a recent report by Checkmars, these 27 packages […] read more

Security-Enhanced Linux (SELinux) is a powerful solution for improving the security posture of Linux-based systems. Developed by the National Security Agency (NSA), it has been integrated into many Linux distributions. SELinux utilizes security policies as a key component of its architecture. SELinux policies are a set of rules and configurations that define the access controls […] read more

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning against the Rhysida ransomware threat. As per the FBI and CISA warning, it has been noted that threat actors are launching attacks targeting organizations spread across varying industries.  Today, we’ll share with you all the threat […] read more

Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the way your organization protects its data and customers. At TuxCare, we understand the importance of safeguarding your valuable data and ensuring the smooth operation of your Linux infrastructure. That’s why […] read more

The latest Linux kernel 6.6, released in late October 2023, has taken an unexpected turn by being officially a Long Term Support (LTS) on kernel.org. That means Linux users will get a stable and supported experience for at least three years! It arrived with a host of features, including Intel Shadow Stack support, a spanking […] read more

In a recent revelation, SysAid, a leading IT management software provider, has unveiled a critical security threat affecting its on-premises software. The threat actor, identified as DEV-0950 or Lace Tempest by Microsoft, previously linked to the notorious Clop ransomware group, is now exploiting a zero-day vulnerability labeled CVE-2023-47246. This vulnerability, if left unaddressed, can pave […] read more

Cybersecurity is what protects your company’s important information from threats such as malware and data breaches. A cybersecurity strategy sets out the current risks facing your company’s IT system, how you plan to prevent them, and what to do if they occur.    Let this article be your one-stop guide to developing an effective cybersecurity […] read more

The next major release, Linux kernel 6.7, is on its way, with the first Release Candidate (RC) now available for public testing. According to Torvalds, this merge window is the biggest ever, boasting an impressive 15.4k non-merge commits. One of the standout features of Linux 6.7 is the introduction of the bcachefs file system. This […] read more

In a recent revelation, a cluster of malicious Python packages has infiltrated the Python Package Index (PyPI), posing a significant threat to developers’ systems by aiming to pilfer sensitive information. These deceptive packages, initially appearing as innocuous obfuscation tools, conceal a potent malware named BlazeStealer. In this blog post, we’ll cover the details of BlazeStealer […] read more

IoT device management refers to the process of remotely overseeing, configuring, monitoring, and maintaining Internet of Things (IoT) devices. It involves tasks like provisioning, firmware updates, security management, data monitoring, and troubleshooting to ensure the efficient and secure operation of IoT devices throughout their lifecycle. This management is typically done using centralized software and tools, […] read more

Veeam has recently released essential updates to address four security vulnerabilities in its Veeam ONE monitoring and analytics platform. Two of them are critical, and it is crucial to apply these fixes to maintain the security of your systems. The critical vulnerabilities were given nearly the highest severity ratings (9.8 and 9.9 out of 10 […] read more

In a recent wave of cyber disruptions, the elusive Anonymous hacker group Sudan, self-identified as Storm-1359, claimed responsibility for orchestrating a distributed denial-of-service (DDoS) attack that temporarily incapacitated Cloudflare’s website. The  Anonymous Sudan DDoS attack Cloudflare incident sent shockwaves through the cybersecurity community, prompting investigations and discussions around the motives and authenticity of the group’s […] read more

You’re probably familiar with web security risks. If you’re running a small business, whether online, bricks and mortar or both, you hopefully have some kind of security for your online presence.    If not, you need to read this. If you do have online security, this article is still for you. In the following sections, […] read more

The AlmaLinux OS Foundation has just dropped the latest version of its open-source operating system, and it’s a game-changer. Say hello to AlmaLinux OS 9.3, codenamed “Shamrock Pampas Cat” – a name as cool as the improvements it brings. What’s the buzz, you ask? Well, AlmaLinux OS 9.3 is all about boosting flexibility, reliability, and […] read more

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a notable update incorporating a high-severity vulnerability in the Service Location Protocol (SLP) into its Known Exploited Vulnerabilities (KEV) catalog. This decision stems from the agency’s identification of active exploitation, emphasizing the critical need for organizations to take swift action against the SLP vulnerability KEV.   […] read more

Stands as the company’s 10th active ELS Program, positioning TuxCare as a clear innovator in protecting end-of-life offerings   PALO ALTO, Calif. – November 20, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced the launch of its latest Extended Life Support service aimed at helping Debian 10 users navigate its […] read more

Attention Docker users: a new threat known as OracleIV is on the rise, targeting publicly accessible Docker Engine API instances. Researchers from Cado have uncovered a campaign where attackers exploit misconfigurations to turn machines into a distributed denial-of-service (DDoS) botnet.   DDoS Botnet Attack Details   The attackers use an HTTP POST request to Docker’s […] read more

Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the way your organization protects its data and customers. At TuxCare, we understand the importance of safeguarding your valuable data and ensuring the smooth operation of your Linux infrastructure. That’s why […] read more

In a recent discovery, 48 malicious npm packages have been found lurking in the npm repository. These tricky packages have the power to deploy a reverse shell on compromised systems, which is a serious concern. What makes this situation even more alarming is that these packages were disguised to look legitimate. They contained obfuscated JavaScript […] read more

In a significant revelation, security experts have uncovered a substantial number of Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with potential vulnerabilities that could be exploited by malicious actors. These drivers, if compromised, could enable attackers without privileged access to take control of devices and execute unauthorized code on affected systems. In […] read more

In 2014, the cybersecurity community witnessed a critical OpenSSL vulnerability, “Heartbleed,” which changed how the world perceived digital security. It is considered to be among the most serious flaws in internet history. Heartbleed not only exposed the weaknesses in popular cryptographic protocols but also the potential repercussions of a small coding error.   Following the […] read more

CISA has put a spotlight on a high-severity Service Location Protocol (SLP) vulnerability. CISA has bumped it up to the Known Exploited Vulnerabilities catalog. Why the fuss? Well, there’s evidence of bad actors actively taking advantage of it to pull off denial-of-service (DoS) attacks.   SLP Vulnerability Details   This SLP (CVE-2023-29552) is no small […] read more

PALO ALTO, Calif. – November 15, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it’s now offering early access to its CentOS 7 Extended Lifecycle Support (ELS) repository. Organizations can now gain missing patches to numerous vulnerabilities in CentOS 7 – which are labeled as critical or high by NIST. […] read more

In the world of cybersecurity, new threats emerge constantly, and it’s vital for organizations to stay vigilant. Recently, a critical vulnerability, known as CVE-2023-46604, has been making headlines due to its exploitation by the Hello Kitty ransomware group. In this blog post, we’ll delve into the details of the Apache ActiveMQ vulnerability and explore how […] read more

In today’s business world, companies are determined to create software faster than ever before. Developers are under immense pressure to deliver products to customers quickly. To accelerate this process, developers often rely on pre-made “building blocks” – open-source components. This means that modern software is frequently assembled from existing parts rather than being built entirely […] read more

Atlassian has issued a warning regarding a Confluence vulnerability that could expose your system to data destruction attacks. This vulnerability, identified as CVE-2023-22518, is an authentication bypass issue with a severity rating of 9.1/10. Later, it was increased to 10, the highest critical rating, due to the change in the scope of the attack. It […] read more

In today’s digital landscape, ensuring the security and integrity of your data is paramount. Atlassian, a prominent software company, recently issued a crucial advisory regarding Confluence, a popular collaboration and document management tool. This Atlassian Confluence data wiping alert highlights a security flaw, tracked as CVE-2023-22518, that poses a significant threat to Confluence Data Center […] read more

While checking my cybersecurity news feed a couple of days ago, an account (re-)publishing stories from years gone by was highlighting a late 2000 (actual year 2000, not the decade) event involving Microsoft and a hack that affected the company. This breach was notable because Microsoft had issued a patch for the relevant vulnerability 10 […] read more

Recently, there has been a concerning development in the world of cloud security. A group of threat actors linked to Kinsing is actively targeting cloud environments. They are doing this by taking advantage of a newly disclosed Linux privilege escalation flaw called Looney Tunables. In their new experimental campaign to breach cloud environments, these threat […] read more

Are you passionate about technology and eager to make a significant impact in the world of Linux security, cybersecurity, or open-source software? Look no further! TuxCare and its parent company, CloudLinux, are currently seeking exceptional individuals to join our talented global team.    Our team is responsible for creating and maintaining advanced and cutting-edge Linux […] read more

In a surprising turn of events, the Mozi botnet experienced a sudden and significant drop in malicious activities in August 2023. This unexpected decline was attributed to the deployment of a “kill switch” that was effectively distributed to the infected bots. In this article, we will delve into the intricacies of the Mozi IoT Botnet […] read more

The looming end of life (EOL) for CentOS Stream 8 – set for May 31, 2024 – presents both challenges and opportunities for developers, administrators, and users alike. It’s essential to consider the implications of continuing to use an OS that has become a “development” branch rather than the stable enterprise-grade server OS it once […] read more

When it comes to securing the CentOS server, one of the essential tools at your disposal is Firewalld. Firewalld is, by default, available in CentOS 7 and many other RHEL-compatible Linux distributions. It provides a user-friendly and dynamic way to manage firewall rules and configurations.   In this article, we will explore what Firewalld is, […] read more