RunC Flaws Enable Container Escapes, Granting Attackers Host Access

January 31, 2024 at 03:40PM Multiple security vulnerabilities in the runC command line tool, known as Leaky Vessels, have been disclosed. These vulnerabilities could allow threat actors to escape container boundaries and launch further attacks, potentially accessing sensitive data and superuser privileges. The flaws have been addressed in runC version 1.1.12, and users are advised …

IPStorm botnet with 23,000 proxies for malicious traffic dismantled

November 14, 2023 at 07:10PM The U.S. Department of Justice has announced the takedown of a botnet proxy service called IPStorm. The service allowed cybercriminals to run malicious traffic anonymously through various devices worldwide. A Russian-Moldovan national named Sergei Makinin pleaded guilty to computer fraud charges in connection to the case. Makinin profited from selling …

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

November 3, 2023 at 09:42AM The Kinsing threat actors are exploiting a Linux privilege escalation flaw called Looney Tunables in a new experimental campaign aimed at breaching cloud environments. They are also extracting credentials from Cloud Service Providers. This is the first documented instance of active exploitation of Looney Tunables, allowing the threat actors to …

Complex Spy Platform StripedFly Bites 1M Victims

October 26, 2023 at 09:31AM Researchers at Kaspersky have discovered that a malware called StripedFly, initially thought to be a basic cryptominer, is actually a sophisticated spy platform infecting over 1 million victims. The malware allows attackers to gain control over networks, exfiltrate data, and mine cryptocurrency. It includes a Tor network tunnel and uses …

Ubuntu discovers ‘hate speech’ in release 23.10 — how to upgrade?

October 14, 2023 at 07:41AM Ubuntu, the popular Linux distribution, has removed its Desktop release 23.10 after discovering hateful language in the Ukrainian translations. A malicious contributor injected anti-Semitic, homophobic, and xenophobic slurs into the distribution using a third-party tool. Ubuntu has taken down the affected images and will release a new version once the …

How to Scan Your Environment for Vulnerable Versions of Curl

October 12, 2023 at 09:59AM The recently fixed vulnerabilities in the command-line tool curl and the libcurl library require security teams to identify and remediate impacted systems. The vulnerabilities can only be exploited under specific conditions. Organizations should scan their environment using software analysis tools to assess which systems are using curl and libcurl. Additionally, …

New One-Click Exploit Is a Supply Chain Risk for Linux OSes

October 10, 2023 at 04:47PM Researchers have discovered a vulnerability in a library used by the GNOME desktop environment for Linux systems. Exploiting the vulnerability through a malicious link could allow attackers to take over machines. The issue lies in a dependency called “libcue” used by a default GNOME application called “tracker-miners.” The researchers have …

Researcher bags two-for-one deal on Linux bugs while probing GNOME component

October 10, 2023 at 12:07PM Researchers have discovered a high-severity remote code execution (RCE) vulnerability in a component of GNOME-based Linux distros. Tracked as CVE-2023-43641, the exploit takes advantage of the libcue library, used to parse cue sheets, and the tracker-miners application. The vulnerability affects all GNOME-based distros and can be triggered by downloading a …