Attackers deploy Linux backdoor on e-stores compromised with software skimmer

Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores. Security researchers from Sansec Threat Research Team discovered a Linux backdoor during an investigation into the compromised of an e-commerce server with a software skimmer. The attackers initially conducted a reconnaissance phase by probing the […]

Continue Reading

Experts found 14 new flaws in BusyBox, millions of devices at risk

Researchers have identified a total of 14 new vulnerabilities in BusyBox that expose million of Unix-based devices to cyberattacks. Researchers from software development company JFrog and industrial cybersecurity firm Claroty have identified a total of 14 new critical vulnerabilities in BusyBox. The software is used by many network appliances and embedded devices with limited memory […]

Continue Reading

Expert found a critical remote code execution bug in Linux Kernel

A critical heap-overflow vulnerability, tracked as CVE-2021-43267, in Linux Kernel can allow remote attackers to takeover vulnerable installs. A SentinelOne researcher discovered a critical remote code execution vulnerability, tracked as CVE-2021-43267, resides in the Transparent Inter Process Communication (TIPC) module of the Linux kernel. The flaw is a critical heap-overflow issue that could lead to […]

Continue Reading

Un voleur de mots de passe et un mineur infectent le package UAParser.js | Blog officiel de Kaspersky

Des cybercriminels non identifiés ont compromis plusieurs versions de la célèbre bibliothèque UAParser.js de JavaScript en injectant un code malveillant. Selon des statistiques publiées sur la page du développeur, de nombreux projets utilisent cette bibliothèque, téléchargée entre 6 et 8 millions de fois par semaine. Les malfaiteurs s’en sont pris à trois versions de la […]

Continue Reading