Fake Cloudflare Verification Results in LummaStealer Trojan Infections
This article describes an ongoing malware campaign that uses malicious WordPress plugins to spread the LummaStealer trojan. Fake human-verification prompts (styled as Cloudflare checks) trick visitors into running malicious PowerShell commands, which install the stealer and harvest sensitive data from the infected PC. The campaign primarily targets Windows users. Affected: WordPress websites, Windows users

Keypoints :

LummaStealer is an infostealer malware designed to collect sensitive data.…
How I Wasted 537 Dollars on the SANS Paller Scholarship without Even Being Considered as a Valid Applicant
This article recounts an individual’s challenging experience with the Paller Cybersecurity Scholarship application process, highlighting communication breakdowns, delays in credential validation by partner organizations, and unexpected financial burdens. Despite the scholarship’s promise of substantial professional development in cybersecurity, the author expresses frustration over a lack of accountability and support from SANS Institute, ultimately resulting in an unsuccessful application.…

Summary: The video discusses the misconceptions surrounding mainframes, highlighting their evolution into modern, powerful, and sustainable platforms. It emphasizes their capabilities, including running multiple Linux systems on a single chip and their compatibility with contemporary tools, all while being cost-effective and energy-efficient.

Keypoints:

Mainframes are not old or outdated; they have evolved into modern platforms.…

Summary: The video discusses a command-and-control (C2) framework dubbed “Convo C2”, which lets red teamers execute system commands on compromised hosts via Microsoft Teams. Released in November 2024, the tool hides data inside HTML tags in Teams messages and routes its traffic through Microsoft’s own servers, which makes detection by security tooling difficult.…
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog
Mandiant’s discovery in mid-2024 revealed that the China-nexus espionage group UNC3886 deployed custom backdoors on Juniper Networks’ Junos OS routers, using a range of capabilities to maintain long-term access while evading the platform’s security protections. Mandiant urges organizations to upgrade affected Juniper devices and recommends additional security measures.…
New XCSSET Malware Adds New Obfuscation and Persistence Techniques to Infect Xcode Projects | Microsoft Security Blog
A new variant of XCSSET malware has been discovered, which is specifically designed to infect macOS Xcode projects. This sophisticated malware utilizes advanced obfuscation, updated persistence techniques, and novel infection strategies to exfiltrate sensitive information, including digital wallet data. It operates in a stealthy manner, often remaining fileless, which complicates detection and removal efforts.…
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Summary: This week’s cybersecurity report highlights the evolving landscape of cyber threats, including advanced techniques used by threat groups and rising supply chain vulnerabilities. Law enforcement efforts against cybercriminal networks show promise, while new exploits and vulnerabilities demand prompt attention from organizations. The report includes notable incidents, emerging attack methods, and critical vulnerabilities that security teams should prioritize.…
Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services
Summary: Nvidia has issued patches for two significant vulnerabilities in its Riva AI services that could allow unauthorized use of its functionality. Both stem from improper access controls and could lead to privilege escalation and denial of service. The vulnerabilities affect Riva 2.18 and earlier; users should update promptly to prevent unauthorized access.…
Sunset:1 Walkthrough
This walkthrough provides a detailed guide to the Sunset: 1 Capture The Flag (CTF) challenge, emphasizing web exploitation, enumeration, and privilege escalation. The reader works through the tools and commands used to identify and exploit the target’s weaknesses, ultimately obtaining root access. Affected: Vulnerable web platforms

Keypoints :

The Sunset: 1 CTF challenge is designed for skill development in web exploitation and privilege escalation.…
Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs – Tinyhack.com
This article is a practical guide to recovering files encrypted by the Akira ransomware (Linux/ESXi variant, 2024) without paying the ransom. It covers the ransomware’s encryption scheme, the recovery approach and its source code, and the GPU-based brute-force method that made decryption possible, drawn from the author’s own experience.…
90-Day Cybersecurity Study Plan

📚 Day 1-7: Network+
Watch videos from Professor Messer’s N10-008 Playlist: https://youtube.com/playlist?list=PLG49S3nxzAnlCJiCrOYuRYb6cne864a7G

📚 Day 8-14: Security+
Watch videos from Professor Messer’s SY0-601 Playlist: https://youtube.com/playlist?list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8
Complete any related practice questions or exercises

📚 Day 15-28: Linux
Follow the tutorials on Ryan’s Tutorials: https://ryanstutorials.net/linuxtutorial/
Take the Linux course on EdX: https://edx.org/learn/linux
Read through the Linux Documentation Project (LDP): http://tldp.org…

Akira Ransomware Expands to Linux: The Attacking Abilities and Strategies
Akira ransomware has emerged as a significant threat and now targets Linux systems as well. Its ransom note claims extensive data encryption and the removal of backups. The attack relies on configurable encryption parameters and effective concealment of the operators’ identity, reflecting the group’s experience in ransomware operations. Affected: corporate infrastructure, Linux systems, backup data, database files, virtual machine files

Keypoints :

Akira ransomware targets internal corporate infrastructures, claiming to have encrypted data and removed backups.…
Cato CTRL, Threat Research: Ballista – New IoT Botnet Targeting Thousands of TP-Link Archer Routers
A recent global campaign targets TP-Link Archer routers through a remote code execution (RCE) vulnerability, CVE-2023-1389, and recruits the compromised devices into a botnet; given the number of vulnerable routers exposed to the internet, the potential impact is broad. The dropper is a bash script that installs and executes additional malware while using evasion techniques to avoid detection.…