Addressing Linux vulnerabilities

Following the recent publicity of Linux vulnerabilities, here is an announcement from The Linux Foundation, of $10m of donations to their Open Source Security Foundation (OpenSSF). Among the donors are Microsoft and Google. Linux Foundation announces $10 million cross-industry investment in Open Source Security Foundation (scmagazine.com)

WhisperGate malware detected by Microsoft Threat Intelligence Centre

The Microsoft Threat Intelligence Centre (MSTIC) is reporting on a new strain of malware with destructive capabilities to wipe data from systems. This has primarily been targeting organisations and systems in Ukraine. The malware – designated WhisperGate – appears to act like ransomware but there is are no demands or recovery process …

Software abuse at source

Hackers are abusing the MSBuild environment to embedded malicious code into applications to evade detection. Attackers are abusing MSBuild to evade defences and implant Cobalt Strike beacons – SANS Internet Storm Centre