Nimbuspwn from Linux Threatens
The Microsoft 365 Defender Research Team has discovered two Linux privilege escalation flaws tracked as CVE-2022-29799 and CVE-2022-29800 dubbed as Nimbuspwn, which can be exploited by attackers to conduct various…
Log4J vulnerability exploited by Bots
A backdoor found targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits dubbed B1txor20 based on…
Dirty Pipe Reaches QNAP Devices
QNAP warns most of its NAS devices are impacted by the recently discovered Linux vulnerability ‘Dirty Pipe.’. By exploiting this vulnerability an attacker can gain root access. The Dirty Pipe…
Linux Canonical Snap Manager Privilege escalation
Qualys researchers discovered a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation…
Linux Vulnerability Provides Root Access to Attackers
A newly discovered 12-year-old vulnerability dubbed “PwnKit in a Linux system tool Polkit can give attackers root privileges on machines running the operating system. Polkit, previously known as PolicyKit, is…
Control Web Panel Patches Critical Vulnerabilities
Researchers has disclosed details of two critical security flaws in open source Linux Control Web Panel that potentially expose Linux servers to remote code execution attacks. An attacker could chain the…
SysJoker Backdoor Haunts Windows , Linux, macOS
A backdoor likely used by an APT actor in targeted attacks was built to target Windows, macOS, and Linux systems, Dubbed SysJoker, targeting the web server of an educational institution. In…
Intel Feature Upgrade Feature in Linux
Intel now comes with a new ACPI specification called Platform Firmware Runtime Update and Telemetry (PFRUT). This allows for firmware updates to a PC’s BIOS or UEFI without forcing a…