Shifting the sands of RansomHub’s EDRKillShifter
ESET researchers examine the ransomware landscape in 2024, highlighting the emergence of RansomHub, a prominent ransomware-as-a-service (RaaS) group linked to established gangs like Play, Medusa, and BianLian. The article discusses the rise of EDR killers, particularly EDRKillShifter, developed by RansomHub, and reflects on the shifting dynamics of ransomware payments and victim statistics.…
New Phishing Campaign Uses Browser-in-the-Browser Attacks to Target Video Gamers/Counter-Strike 2 Players
A new phishing campaign targets Counter-Strike 2 players through complex browser-in-the-browser (BitB) phishing attacks using fake pop-up windows that impersonate legitimate sites. The campaign aims to steal Steam credentials, especially affecting fans of the esports team Navi, with potential resale of compromised accounts on various platforms.…
Critical Authentication Bypass Flaw Impacts VMware Tools for Windows
Summary: Broadcom has released security updates for a severe authentication bypass vulnerability (CVE-2025-22230) affecting VMware Tools for Windows, allowing low-privileged attackers to escalate privileges. This flaw, caused by improper access control, affects VMware Tools versions 12.x.x and 11.x.x. Affected organizations are urged to update urgently, as exploitation in the wild may pose significant risks.…
Unveiled the Threat Actors
This article explores various threat actors known for their significant cyber attacks, detailing their origins, techniques, and famous hacks. It categorizes these actors by their affiliations, such as state-sponsored and financially motivated groups, providing insight into their behaviors and methodologies. Affected: Government networks, financial institutions, healthcare, energy sector, retail, hospitality, media, technology, and more.…
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup
The article discusses the evolution of the Lazarus group, indicating that it has now transformed into a collection of subgroups rather than a single entity. It emphasizes the importance of understanding these subgroups, their tactics, and their individual characteristics for effective cyber defense strategies. Affected: Japan, cryptocurrency sector, defense industry, aviation industry

Key points:

The term “Lazarus” has evolved from a singular APT group to multiple subgroups.…
New VanHelsing ransomware targets Windows, ARM, ESXi systems
Summary: A new multi-platform ransomware-as-a-service operation called VanHelsing has emerged, targeting various operating systems, including Windows and Linux. It allows affiliates to keep 80% of ransom payments and employs sophisticated encryption methods and stealth tactics in its operations. The ransomware has already been used in attacks against at least three victims, with ransoms set at 0,000.…
VanHelsing RaaS Launch: 3 Victims, K Entry Fee, Multi-OS, and Double Extortion Tactics
Summary: The VanHelsing ransomware-as-a-service (RaaS) operation emerged on March 7, 2025, quickly claiming multiple victims through a user-friendly platform that supports a variety of operating systems. The scheme employs double extortion tactics and allows affiliates to profit significantly while only prohibiting attacks on the Commonwealth of Independent States (CIS).…
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
Summary: Recent cyber threats highlight vulnerabilities in open-source tools, escalating ad fraud through mobile apps, and advanced ransomware tactics targeting critical defenses. Notably, attacks have leveraged AI, and a supply chain breach at Coinbase exemplifies these risks. A rise in stolen credentials further underscores the urgent need for improved cybersecurity measures.…
Report: Rooted Devices 250 Times More Vulnerable to Compromise
Summary: A recent Zimperium analysis finds that rooted and jailbroken devices are 250 times more susceptible to system compromises and pose significant threats to corporate data security. The report identifies significant increases in malware attacks and filesystem breaches linked to these devices. Experts recommend improved threat detection techniques to manage security risks associated with rooted and jailbroken devices.…
VanHelsing, new RaaS in Town
VanHelsingRaaS is an emerging ransomware-as-a-service (RaaS) launched in March 2025, allowing affiliates to initiate ransomware attacks with a low deposit. It targets multiple platforms and has already infected several victims demanding significant ransom payments. The program’s rapid growth and sophisticated capabilities highlight the evolving ransomware threat.…
The Art of Wi-Fi Hacking & Protection with Aircrack-ng
This article provides a comprehensive guide on hacking and securing Wi-Fi networks using Aircrack-ng, detailing practical attack techniques and encryption vulnerabilities, as well as prevention strategies. The focus is on educating users about Wi-Fi security to help them protect their networks from potential attacks. Affected: Wi-Fi networks, cybersecurity sector

Key points:

Wi-Fi security is critical for protecting against cyber threats.…
Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover
Summary: Esri has identified a critical vulnerability in its ArcGIS Enterprise platform that could enable attackers to hijack administrative accounts via a password reset flaw. The vulnerability, CVE-2025-2538, has a CVSS score of 9.8 and affects specific versions of Portal for ArcGIS. Organizations are urged to apply the security patch released by Esri to prevent potential data breaches and service disruptions.…

Summary: The video discusses how to run Linux distributions, specifically Kali Linux and Ubuntu, on a Windows laptop using the Windows Subsystem for Linux (WSL). It demonstrates the capabilities this integration provides, such as running GUI applications, performing web security tests with Burp Suite, and utilizing Hashcat for password cracking while accessing GPU resources.…
Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations
Trend Research has identified new versions of the Albabat ransomware targeting Windows, Linux, and macOS platforms. The group is utilizing GitHub to facilitate their ransomware operations. Organizations are advised to enhance security protocols and implement preventive measures to mitigate potential ransomware attacks. Affected: Windows, Linux, macOS

Key points:

New versions of Albabat ransomware have been discovered, indicating a potential expansion of targets.…

Summary: The video discusses this week’s security news, covering a variety of topics including compliance localization, a notorious cybersecurity myth, and several notable security incidents and vulnerabilities. Highlights include Microsoft trolling, a GitHub supply chain attack, the significance of proper firmware updates, and recommendations for Linux systems and tools.…