Linux Archives - Securezoo

OrBit: New evasive and persistent Linux malware

Malware, Vulnerabilities & Exploits / By Frank Crast / July 9, 2022 July 9, 2022 /

Researchers from Intezer have discovered a new evasive and persistent Linux malware dubbed OrBit.

Tags: Cybersecurity Threat Center, Linux, malware, OrBit, payload

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / June 30, 2022 June 30, 2022 /

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

Tags: Chromium, CISA, CVE-2018-4344, CVE-2019-8605, CVE-2020-3837, CVE-2020-9907, CVE-2021-30983, Linux, pkexec, polkit, PwnKit

Symbiote: Linux malware ‘nearly impossible to detect’ threat

Cybersecurity Attacks, Malware / By Frank Crast / June 11, 2022 June 11, 2022 /

Researchers have discovered a new Linux malware dubbed Symbiote, a ‘nearly impossible to detect’ threat.

Tags: Blackberry, BPF, Cyberattack, Cybersecurity Threat Center, Linux, malware, Symbiote

XorDdos: DDoS malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / May 21, 2022 May 21, 2022 /

Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.

Tags: DDoS, Linux, malware, XORDDoS

security, professional, secret-5199239.jpg

Microsoft discovers Nimbuspwn Linux vulnerabilities

Vulnerabilities & Exploits / By Frank Crast / April 26, 2022 April 26, 2022 /

Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.

Tags: CVE-2022-29799, CVE-2022-29800, kernel, Linux, Microsoft, Nimbuspwn

Dirty Pipe privilege escalation vulnerability found in Linux kernel

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 11, 2022 March 13, 2022 /

A High severity privilege escalation vulnerability CVE-2022-0847 dubbed “Dirty Pipe” was found in Linux kernel. The issue was fixed in Linux kernel versions 5.16.11, 5.15.25 and 5.10.102.

Tags: CVE-2022-0847, Dirty COW, Dirty Pipe, Linux

Linux Cgroup vulnerability can cause container escape

Vulnerabilities & Exploits / By Frank Crast / March 5, 2022 March 13, 2022 /

A new Linux privileged escalation vulnerability in Cgroups feature could cause container escape on unhardened hosts. This is the third in a line of similar Kernel vulnerabilities that could allow containers to escape.

Tags: Cgroup, CVE-2022-0492, Linux, SELinux

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 31, 2022 June 30, 2022 /

Researchers have discovered a “trivially exploitable” local privilege escalation vulnerability (CVE-2021-4034) in Polkit’s pkexec tool that affects likely every major Linux distribution.

Tags: CVE-2021-4034, Linux, pkexec, polkit, Qualys, setuid, SUID

Ubuntu 21.04 (Hirsute Hippo) end-of-life January 20, 2022

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 21, 2022 January 21, 2022 /

Ubuntu 21.04 (Hirsute Hippo) has reached its end-of-life (EOL) January 20, 2022, nearly nine months after its initial release.

Tags: CVE-2022-0185, EOL, Linux, Ubuntu, Ubuntu 21.04

BusyBox vulnerabilities impact embedded Linux OS used in IoT and OT devices

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 9, 2021 November 9, 2021 /

Researchers have discovered 14 BusyBox vulnerabilities that impact embedded Linux OS used in many internet of things (IoT) and operational technology (OT) devices.

Tags: BusyBox, Claroty, IOT, JFrog, Linux, Team82