OrBit: New evasive and persistent Linux malware
Researchers from Intezer have discovered a new evasive and persistent Linux malware dubbed OrBit.
Researchers from Intezer have discovered a new evasive and persistent Linux malware dubbed OrBit.
The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.
Researchers have discovered a new Linux malware dubbed Symbiote, a ‘nearly impossible to detect’ threat.
Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.
Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.
A High severity privilege escalation vulnerability CVE-2022-0847 dubbed “Dirty Pipe” was found in Linux kernel. The issue was fixed in Linux kernel versions 5.16.11, 5.15.25 and 5.10.102.
A new Linux privileged escalation vulnerability in Cgroups feature could cause container escape on unhardened hosts. This is the third in a line of similar Kernel vulnerabilities that could allow containers to escape.
Researchers have discovered a “trivially exploitable” local privilege escalation vulnerability (CVE-2021-4034) in Polkit’s pkexec tool that affects likely every major Linux distribution.
Ubuntu 21.04 (Hirsute Hippo) has reached its end-of-life (EOL) January 20, 2022, nearly nine months after its initial release.
Researchers have discovered 14 BusyBox vulnerabilities that impact embedded Linux OS used in many internet of things (IoT) and operational technology (OT) devices.