What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Linux

S3 Ep30: AirDrop worries, Linux pests and ransomware truths [Podcast]

by Paul Ducklin We investigate whether AirDrop is really as dangerous as researchers claimed. We discuss the pestiferous problem of fake Linux bugs submitted as an academic exercise. We review the latest Sophos Ransomware Report and uncover uncomfortable truths about paying up. With Kimberly Truong, Doug Aamoth and Paul Ducklin. . . . Read more

Pwn2Own 2021: Zoom, Teams, Exchange, Chrome and Edge “fully owned”

by Paul Ducklin The annual Pwn2Own contest features live hacking where top cybersecurity researchers duke it out under time pressure for huge cash prizes. Their quest: to prove that the exploits they claim to have discovered really do work under real-life conditions. Indeed, Pwn2Own is a bug bounty program with . . . Read more

S3 Ep25: Drained accounts, ransomware attacks and Linux badware [Podcast]

by Paul Ducklin How a social engineer ripped off a victim lured in by one of those “small outstanding fee to pay” home delivery scams. The ransomware crooks targeting networks that still haven’t done their Hafnium patches. And the Linux kernel security holes that lay there undiscovered for 15 years. . . . Read more

S3 Ep18: Apple emergency, crypto blunder and botnet takedown [Podcast]

by Paul Ducklin Apple pushed out an iOS update in something of a hurry to shut down a serious 0-day bug. The GnuPG team scrambled to fix an ironic vulnerability that could be exploited during the very process of checking if the data you just received could be trusted. And . . . Read more

ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands

At least 6,500 cryptocurrency users have been infected by new, ‘extremely intrusive’ malware that’s spread via trojanized macOS, Windows and Linux apps. A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private . . . Read more

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

The worm returned in recent attacks against web applications, IP cameras and routers. The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices. First discovered in a round of late-October attacks that targeted Linux-based . . . Read more

Agent Tesla Keylogger Gets Data Theft and Targeting Update

The infamous keylogger has shifted its targeting tactics and now collects stored credentials for less-popular web browsers and email clients. Six-year-old keylogger malware called Agent Tesla has been updated again, this time with expanded targeting and improved data exfiltration features. Agent Tesla first came into the scene in 2014, specializing . . . Read more

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

The malware takes aim at PostgreSQL database servers with never-before-seen techniques. An innovative Linux-based cryptocurrency mining botnet has been uncovered, which exploits a disputed PostgreSQL remote code-execution (RCE) vulnerability to compromise database servers. The malware is unusual and completely novel in a host of ways, researchers said. According to researchers . . . Read more