Hot Topics

cybersecurity threats

Ahoi Attacks: A New Threat to Confidential VMs in the Cloud

| | Ahoi Attacks, cloud environments, Cloud Infrastructure, Cloud Security, Cloud Threats, Confidential VMs, CVE-2024-25742, CVE-2024-25743, CVE-2024-25744, cybersecurity threats, enterprise security, Heckler, Linux & Open Source News, Linux kernel, SEV-SNP, WeSee
Researchers from ETH Zurich have uncovered a new attack method dubbed “Ahoi Attacks” that threatens the security of confidential virtual machines (CVMs) within cloud environments. Described as a family of attacks, there ...
TuxCare

DinodasRAT Malware: A Multi-Platform Backdoor Targeting Linux

| | cybersecurity threats, DinodasRAT, DinodasRAT Malware, enterprise security, KernelCare Enterprise, Linux & Open Source News, linux distros, linux live patching, Linux Server Security, linux servers, linux systems, live patching, Malicious code injection, Malware, XDealer
DinodasRAT, a C++-based malware, has emerged as a serious threat to Linux users. Initially discovered targeting Windows systems, researchers have recently reported a Linux variant of this multi-platform backdoor actively deployed in ...
TuxCare

CISA and FBI Issue Alert on SQL Injection Vulnerabilities

| | CISA Threat Update, clop-ransomware, Cyber Threats, cybersecurity defense strategies, cybersecurity risks, cybersecurity threats, enterprise security, FBI alert, Linux & Open Source News, ransomware attacks, secure by design, SQL, sql injection, SQL injection attacks, SQL Injection Vulnerabilities, SQLi Vulnerabilities
SQL injection vulnerabilities, often abbreviated as SQLi, persist as a significant issue in commercial software products. In response to a recent highly publicized malicious campaign exploiting SQLi vulnerabilities in a managed file ...
TuxCare

CISA Warns of Volt Typhoon Risks to Critical Infrastructure

| | BRONZE SILHOUETTE, cisa, CISA Advisories, CISA Threat Update, Cyber Threats, Cybersecurity, cybersecurity defense strategies, cybersecurity threats, Cybersecurity Weaknesses, enterprise security, FBI, FBI alert, FBI warning, Linux & Open Source News, NSA/CISA report, security risks, US critical infrastructure, Volt Typhoon
The recent joint warning issued by CISA, NSA, FBI, and other U.S. government and international partners highlights a critical cybersecurity threat: Volt Typhoon, a Chinese hacking group. This group has targeted critical ...
TuxCare

BunnyLoader Malware: Modular Features Help Evade Detection

| | BunnyLoader malware, credential harvesting, cryptocurrency theft, Cybercrime Trends, Cybersecurity News, cybersecurity threats, data theft, Infection chains, Malware Analysis, Malware Detection, Malware evasion tactics, Malware Evolution, Modular malware, Palo Alto Networks Unit 42
In the ever-evolving landscape of cybersecurity threats, a new variant of malware has emerged, posing significant challenges for detection and mitigation efforts. Known as BunnyLoader malware, it has recently undergone a transformation, ...
TuxCare

Loop DoS Attacks: 300K Systems At Risk Of Being Exploited

| | Application-layer protocols, Cequence Security, CISPA Helmholtz Center for Information Security, Cybersecurity News, cybersecurity threats, Denial of Service (DoS) attacks, DoS attack detection, DoS attack response, IP address spoofing, Loop DoS attacks, Network Security, UDP vulnerabilities
In a digital landscape where cybersecurity threats constantly evolve, a recent discovery by researchers at the CISPA Helmholtz Center for Information Security has unveiled a new form of attack known as “Loop ...
TuxCare

WordPress Sign1 Malware Infects Over 39K Sites In 6 Months

| | brute-force attacks, Cyber attack sequence, Cybersecurity News, cybersecurity threats, Evading detection techniques, Malicious code injection, Malicious JavaScript Injections, Malware Detection, Plugin vulnerabilities, Sucuri security, website compromise, Website Security, WordPress Sign1 malware
Recent media reports have revealed a malicious malware campaign that has been active for the past six months. Reports claim that the WordPress Sign1 malware has infected and compromised over 39,000 sites ...
TuxCare

DarkGate Malware Campaign Exploits Patched Microsoft Flaw

| | Advanced persistent threat (APT), Cyber Attack Mitigation, Cybersecurity News, cybersecurity threats, DarkGate Malware, DLL Sideloading, Exploit Techniques, Malicious Software Installers, Malware Analysis, Microsoft Flaw, patch management, Phishing Campaigns, Trend Micro, Water Hydra, Zero Day Initiative (ZDI)
The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. CVE-2024-21412 was the Microsoft patch that was exploited ...
TuxCare

LockBit Ransomware Resurgence After Law Enforcement Takedown

| | cybercrime, Cybersecurity News, cybersecurity threats, dark web, Data breaches, encryption, law enforcement, LockBit ransomware, Operation Cronos, Ransomware-as-a-Service (RaaS), Tor Network
LockBit ransomware, which has also been known as “ABCD,” has resurfaced on the dark web despite being dealt with strictly by the global law enforcement task force. This development of LockBit ransomware ...
TuxCare

New SSH-Snake Worm-Like Tool Threatens Network Security

| | Cyber Threats, Cybersecurity, cybersecurity defense strategies, cybersecurity threats, Cybersecurity Weaknesses, enterprise security, Linux & Open Source News, open source, self-modifying worm, SSH malware, ssh private keys, SSH security, SSH-Snake, SSH-Snake malware, SSH-Snake worm, Sysdig Threat Research Team
The Sysdig Threat Research Team (TRT) discovered that a threat actor is leveraging an open-source network mapping tool called SSH-Snake for malicious activities. This tool utilizes SSH credentials found on the compromised ...
TuxCare
Load more