Tag Archive for: linux

Windows-based ransomware now infects Linux devices as well


A ransomware variant commonly known for encrypting Windows systems has recently been found targeting Linux devices as well.

According to a report by SentinelLabs, Linux versions of the ransomware strain IceFire have recently compromised the networks of several media and entertainment sector organizations worldwide. The operators behind the ransomware gain access by exploiting a deserialization vulnerability in the IBM Aspera Faspex file-sharing software. Once on the victim’s system, they deploy the IceFire ransomware, which encrypts data and appends the ‘.ifire’ extension to the affected files. Finally, the ransomware deletes itself to cover its tracks.

Interestingly enough, IceFire doesn’t encrypt all files on Linux. It avoids encrypting certain paths so that critical parts of the system remain operational and the system suffers no further damage.

Once the ransomware completes data encryption, it drops a ransom note asking the victim to contact the malware’s operators within five days. If they fail to do so, the note claims, the victim’s data will be publicly posted online.

IceFire is just one of many ransomware variants that have started targeting Linux systems. “While the groundwork was laid in 2021, the Linux ransomware trend accelerated in 2022 when illustrious groups added Linux encryptors to their arsenal,” SentinelLabs’ blog stated. Some of these variants include Conti, LockBit, Hive, and HelloKitty, among others.


Linux malware hit a new high in 2022


Linux might be enjoying a boost as more and more devices are powered by the operating system, but popularity inevitably attracts crooks, and new reports claim that the amount of malware targeting it skyrocketed in 2022.

Findings from Atlas VPN, based on data from threat intelligence platform AV-ATLAS, claim that in 2022 there were 1.9 million new Linux malware threats, bringing the figure up 50% year-on-year.


The ParrotSEC Linux operating system for Hackers|r Cyber Security operations #Ts_Hacking



Kali Linux: What’s next for the popular pentesting distro?


If you’re interested in penetration testing and digital forensics, you know that Kali Linux is worth a try. And if you’re already doing it, chances are good you are already using it.

We talked to Jim O’Gorman, Chief Content and Strategy Officer at Offensive Security (OffSec), about the direction in which the development of the open-source distro is headed.

Kali Linux future

[The answers have been edited for clarity.]

Kali Linux keeps growing and improving. How much does user feedback influence where you want to go next? What do users want the most?

Two questions drive Kali’s development:

1. What needs to be done to ensure that Kali Linux is the best possible platform for professional and hobbyist information security work?
2. What needs to be done to ensure that Kali is the best possible platform for information security training?

There is a lot of overlap between those two questions, but realistically they are separate and distinct items. However, by getting them both right on a single platform, we create an environment where people can train, study, and learn, but also use the same platform for real-world efforts. In essence, it means that you train like you fight.

The answer to the first question is driven by input from the Kali and OffSec teams. As infosec professionals ourselves, what are the things we run into on a day-to-day basis and how do we make our life easier by ensuring the toolset is of the highest quality possible? We also work closely with OffSec’s pentesting team.

We also listen to input from other Kali users. Kali is a totally open-source project and anyone and everyone can pitch in and contribute. And they do! If you wish a tool to be included in Kali, package it and submit it! If you wish a configuration worked a certain way out of the box, modify the package and submit the change. It’s very direct and easy to do, and it is in our documentation. Anyone – regardless of their background – can play a part.

The second way users influence development is through bug reports, feature requests, and conversations on OffSec’s Discord and other social media. The Kali team is out there as part of the infosec community – talk to us and let us know what you are…
