Plug-ins is a way of vendors and third-parties extending the functionality of software – it work very well, the success of WordPress is partly based on plug-ins. Now the threat actor vendors are taking the same approach with their malware – with the plug-ins helping to obfuscate the malware to …
Linux botnet runs crypto-miner malware
Linus servers are everywhere on the Internet, providing the infrastructure and hosting the Web sites and services we all use. So stealth malware that steals the performance of Linux machines is an issue for admins everywhere. Even though this attack appears to be tailored to specific targets, if you are …
log4j Timeline to date
Here is an interesting follow-up story on SANS Internet Storm Diary looking at the impact of the log4j issues and some of the exploits used. The Rise and Fall of log4shell – SANS Internet Storm Centre
“Patch Now” advised – more on the Linux vulnerabilities
TechRepublic has another article on Linux vulnerabilities that need to be addressed: Patch now: A newly discovered critical Linux vulnerability probably affects your systems | TechRepublic Linux servers – so you think this is not your problem? – Smart Thinking Solutions Twelve-Year-Old Linux Vulnerability Discovered and Patched – Schneier on …
Continue reading ““Patch Now” advised – more on the Linux vulnerabilities”
Only if you have an iLo
Not sure what an iLo is? Then this story is probably not for you – but if you have an HP server that someone looks after for you, then pass this on to them. Over 20 thousand servers have their iLO interfaces exposed to the internet, many with outdated and …