HiddenWasp malware seizes control of Linux systems

Security researchers have discovered a new strain of malware that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers.

Read more in my article on the Tripwire State of Security blog.

WannaCry ransomware scam tries to extort money without actually infecting your computer

Someone is trying to pull a fast one, attempting to trick unsuspecting users into paying a ransom… even though they *haven’t* infected your computer with ransomware.

Uh-oh. How just inserting a USB drive can pwn a Linux box

Give a USB drive a volume name like this, hand it to a friend who runs KDE Plasma on their Linux box, and they won’t be your friend much longer.

Read more in my article on the Hot for Security blog.

Spectre? Meltdown? F*CKWIT? Calm down and make yourself some tea

There is not much that consumers can do other than wait for security patches and mitigations to be released, and then apply them as a matter of priority.

The F*CKWIT Intel chip flaw. Ready yourself for patches

A newly-discovered design flaw has been found on Intel CPU hardware that could allow malicious code to access information supposedly held in “protected” areas of your computer’s memory.

New Linux malware hijacks one vendor’s IoT devices by exploiting CGI bug

A new form of Linux malware is hijacking Internet of Things (IoT) devices made by one Chinese vendor by exploiting a common gateway interface (CGI) vulnerability.

David Bisson reports.

Holding down the Enter key can smash through Linux’s defenses

An attacker can abuse a vulnerability to launch a shell with root privileges on most Linux machines… just by holding down the ‘Enter’ key for 70 seconds.

David Bisson reports.

Dirty COW Linux vulnerability – what you need to know

A newly discovered vulnerability in virtually all versions of the Linux operating system has been discovered.

NyaDrop exploiting Internet of Things insecurity to infect Linux devices with malware

A Linux threat known as NyaDrop is exploiting a lack of security in Internet of Things (IoT) devices to infect them with malware.

David Bisson reports.

48 characters enough to crash most Linux distros, says sysadmin

You’ll be surprised to hear that there is a disagreement in the world of Linux admins about how serious a systemd vulnerability really is.

David Bisson reports.

A patchtastic day for Flash and Windows users – don’t delay!

Don’t drag your feet. If the likes of Adobe and Microsoft describe vulnerabilities as critical it’s important that you patch them at your earliest opportunity.

Taking umbrage at Umbreon, the Linux rootkit that likes to hide

A Pokémon-themed rootkit called Umbreon is targeting Linux systems.

David Bisson reports.

Update Flash now – targeted attacks exploiting security holes

Windows, Mac and Linux users are being urged to update their installations of Adobe Flash, after the company pushed out a security patch addressing 23 reported vulnerabilities in the software.

Read more in my article on the Hot for Security blog.

Linux Mint site hacked, users unwittingly download backdoored operating system

Linux users should not fool themselves into believing that they are somehow magically immune from malware attacks.

Read more in my article on the We Live Security blog.

Years-old critical GNU C Library vulnerability patched by open source providers

Ubuntu, Red Hat, and a number of other leading open source solutions providers have patched a critical vulnerability in the GNU C Library that has been around for years.

David Bisson reports.

Linux trojan takes screenshots every 30 seconds, has ability to record sound

Researchers at Russian anti-virus firm Dr Web have uncovered a new Trojan horse for Linux that takes screenshots every 30 seconds and is capable of recording sound.

David Bisson reports.