A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of the distribution noticed a half-second delay in the updated version, which eventually led him to the flaw. The latter appears to be the brainchild of one of the new XZ maintainers, who pulled off an… Continue reading XZ Utils Backdoor Discovered, Threating Linux Servers
Tag: Linux
Vmmem High Memory and CPU Usage
Vmmem, short for “Virtual Machine Memory“, is a process that indicates the resource utilization by virtual machines on your system. It operates in tandem with virtual machines and remains inactive without any virtual machine activity. However, suppose you observe high CPU and memory consumption by the vmmem process. In that case, your virtual machine is… Continue reading Vmmem High Memory and CPU Usage
Shim Bootloader Vulnerability Affects Linux Systems
Researchers have identified a critical vulnerability in Shim, a widely-used Linux bootloader. This vulnerability could potentially allow attackers to execute malicious code and gain control of target systems before the kernel is even loaded. This flaw raises significant concerns because it can bypass security mechanisms. These mechanisms are typically enforced by the kernel and the… Continue reading Shim Bootloader Vulnerability Affects Linux Systems
Apache ActiveMQ Vulnerability Exploited In The Wild
Recent Apache ActiveMQ vulnerability, that allows for remote code execution, is reportedly exploited in real-world attacks. Analysts noticed several exploitation cases that used this vulnerability to infect Linux systems with Kinsing malware. That is a rare sight of a high-profile vulnerability being exploited to infect exclusively Linux machines. Apache ActiveMQ Vulnerability Allows for RCE Analysts… Continue reading Apache ActiveMQ Vulnerability Exploited In The Wild
GameOver(lay) Vulnerabilities Endanger 40% of Ubuntu Users
Cloud security researchers have discovered two easily exploitable privilege escalation vulnerabilities called GameOver(lay) in the Ubuntu OverlayFS module. These vulnerabilities could affect 40% of Ubuntu users. What is OverlayFS? OverlayFS in Linux is a unified file system used in Docker containers. Its function – modify files without changing the base filesystem. OverlayFS allows one directory… Continue reading GameOver(lay) Vulnerabilities Endanger 40% of Ubuntu Users
Information Security Experts Told About The Linux Malware Symbiote That Is Almost Undetectable
BlackBerry and Intezer specialists spoke about the new Symbiote Linux malware that infects all running processes on compromised systems, steals credentials and provides backdoor access to its operators. Let me remind you that we also said that Google Offers up to $91,000 for Linux Kernel Vulnerabilities, and also that Experts list 15 most attacked Linux… Continue reading Information Security Experts Told About The Linux Malware Symbiote That Is Almost Undetectable
Vulnerabilities in Linux Allow Gaining Superuser Rights
A Microsoft specialist has discovered vulnerabilities in Linux systems, the exploitation of which allows quickly gaining superuser rights. In total, two vulnerabilities were discovered (CVE-2022-29799 and CVE-2022-29800) and united under the common name Nimbuspwn. Problems are found in the networkd-dispatcher component of many Linux distributions, which dispatches network status changes and can run various scripts… Continue reading Vulnerabilities in Linux Allow Gaining Superuser Rights
Google Offers up to $91,000 for Linux Kernel Vulnerabilities
Google has almost doubled its rewards for vulnerabilities in the Linux kernel, Kubernetes, Google Kubernetes Engine (GKE), and kCTF. The reward can now be up to $91,337. In November last year, Google already increased the size of payments: then the company tripled rewards for exploits for previously unknown bugs in the Linux kernel. The idea… Continue reading Google Offers up to $91,000 for Linux Kernel Vulnerabilities
Google analysts noticed that software vendors began to fix Zero-day vulnerabilities faster
Google Project Zero specialists presented a report according to which software vendors began to fix 0-day vulnerabilities faster. For example, last year organizations needed less time than in previous years to fix 0-day vulnerabilities discovered by experts. On average, companies took 52 days to fix bugs, while three years ago they needed an average of… Continue reading Google analysts noticed that software vendors began to fix Zero-day vulnerabilities faster
Atlassian Confluence vulnerability was exploited to install miners
In late August, Atlassian released a hotfix for a Confluence Remote Code Execution (RCE) vulnerability. The issue has ID CVE-2021-26084 and allows an unauthenticated attacker to remotely execute commands on a vulnerable server. The issue has been reported to be dangerous for all versions of Confluence Server and Data Center. After the patch was released,… Continue reading Atlassian Confluence vulnerability was exploited to install miners