#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

hacking linux | Breaking Cybersecurity News | The Hacker News

Samba Service Hit By Remote Code Execution Vulnerability

Samba Service Hit By Remote Code Execution Vulnerability

Feb 24, 2015
A critical vulnerability has been fixed in Samba — Open Source standard Windows interoperability suite of programs for Linux and Unix, that could have allowed hackers to remotely execute an arbitrary code in the Samba daemon ( smbd ). Samba is an open source implementation of the SMB/CIFS network file sharing protocol that works on the majority of operating systems available today, which allows a non-Windows server to communicate with the same networking protocol as the Windows products. Samba is supported by many operating systems including Windows 95/98/NT, OS/2, and Linux. smbd is the server daemon of Samba which provides file sharing and printing services to clients using the SMB/CIFS protocol. Samba is also sometimes installed as a component of *BSD and OS X systems. The vulnerability, designated as CVE-2015-0240 , actually resides in this smbd file server daemon. The bug can be exploited by hackers to potentially execute code remotely with root privileges, the
New BlackEnergy Crimeware Enhanced to Target Linux Systems and Cisco Routers

New BlackEnergy Crimeware Enhanced to Target Linux Systems and Cisco Routers

Nov 05, 2014
Security researchers at Kaspersky Lab have unearthed new capabilities in the BlackEnergy Crimeware weapon that has now ability to hacking  routers , Linux systems and Windows, targeting industry through Cisco network devices. The antivirus vendor's Global Research & Analysis Team released a report Monday detailing some of the new " relatively unknown " custom plug-in capabilities that the cyber espionage group has developed for BlackEnergy to attack Cisco networking devices and target ARM and MIPS platforms. The malware was upgraded with custom plugins including Ciscoapi.tcl which targets The Borg's kit, and According to researchers, the upgraded version contained various wrappers over Cisco EXEC-commands and " a punchy message for Kaspersky , " which reads, " F*uck U, Kaspersky!!! U never get a fresh B1ack En3rgy. So, thanks C1sco 1td for built-in backd00rs & 0-days. " BlackEnergy malware program was originally created and used by cy
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Operation Windigo: Linux malware campaign that infected 500,000 Computers Worldwide

Operation Windigo: Linux malware campaign that infected 500,000 Computers Worldwide

Mar 18, 2014
In late 2013, Security Researchers identified thousands of Linux systems around the world infected with the OpenSSH b ackdoor trojan and  credential stealer  named Linux/Ebury ,  that allows  unauthorized access of an affected computer to the remote attackers. Antivirus Firm ESET's Reseacher team has been tracking and  investigating the operation behind Linux/Ebury and today team  uncovers the details [ Report PDF ] of a massive,  sophisticated and organized  malware campaign called ' Operation Windigo ', infected more than 500,000 computers and 25,000 dedicated servers. ' We discovered an infrastructure used for malicious activities that is all hosted on compromised servers. We were also able to find a link between different malware components such as Linux/Cdorked, Perl/Calfbot and Win32/Glupteba.M and realized they are all operated by the same group. '  ESET reported. Malware used in Operation Windigo: Linux/Ebury –  an OpenSSH backdoor use
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources