Blog Posts Tagged with "Linux"

Researchers Detail Linux-Based “Chaos” Backdoor

February 20, 2018 Added by: Ionut Arghire

A Linux-targeting backdoor observed in live attacks in June last year was recently found to have been part of an older rootkit, GoSecure researchers reveal.

LuaBot Linux Botnet Is Written in Lua Language

September 07, 2016 Added by: Ionut Arghire

A newly discovered Linux botnet that was coded using the Lua programming language is targeting Internet of Things (IoT) devices in addition to Linux systems and servers, researchers warn.

Investigating In-Memory Network Data with Volatility

September 25, 2012 Added by: Andrew Case

This post will discuss Volatility’s new Linux features for recovering network information including enumerating sockets, network connections, and packet contents, and will discuss each plugin along with implementation, how to use it, output, and which forensics scenarios apply...

Analyzing the KBeast Rootkit and Detecting Hidden Modules with Volatility

September 18, 2012 Added by: Andrew Case

KBeast is a rootkit that loads as a kernel module. It also has a userland component that provides remote access. This backdoor is hidden from other userland applications by the kernel module. KBeast also hides files, directories, and processes that start with a user defined prefix...

Analyzing the Average Coder Rootkit, Bash History, and Elevated Processes with Volatility

September 16, 2012 Added by: Andrew Case

This post showcases some of Volatility’s new Linux features by analyzing a popular Linux kernel rootkit named “Average Coder” and includes recovering .bash_history, finding userland processes elevated to root, and discovering overwritten file operation structure pointers...

Pentoo 2012: A Penetration Testers Distro of Gentoo Linux

September 09, 2012 Added by: Dan Dieterle

I’ve never seen Pentoo before, but couldn’t resist taking a peek. Basically Pentoo is Gentoo Linux with a bunch of security focused tweaks. I am married to Backtrack and am not interested in switching to another Linux Security Distro, but Pentoo looks enticing...

Metasploitable 2.0 pt 4: Cracking Linux Passwords and Pentesting with Grep

August 20, 2012 Added by: Dan Dieterle

Because we had a root shell, we were able to grab the Linux password hashes from the system by simply copying them and pasting them on our local machine. We were then able to use John the Ripper to crack them. We now have passwords to play with...

Recovering tmpfs from Linux and Android Memory Captures with Volatility

August 14, 2012 Added by: Andrew Case

Tmpfs is interesting from a forensics perspective for a few reasons. The first is that, in a traditional forensics scenario, the investigator expects that he can shut a computer off, image its disk(s), and get back the filesystem at the time of when the computer was running. With tmpfs, this is obviously not true...

The Rise of Multi-Platform Malware

July 12, 2012 Added by: Pierluigi Paganini

Using a JAR, the malware is able to identify the OS and download the right files to infect the targeted machine. After identifying the type of operating system a unit is running, a Java class file will download the appropriate malware, with the purpose to open a backdoor to allow remote access to the machine...

Multi-Platform Backdoor Malware in the Wild

July 11, 2012 Added by: Headlines

"The JAR file checks if the user's machine is running in Windows, Mac or Linux then downloads the appropriate files... the three different platforms behave the same way. They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OSX, Linux, and Windows respectively..."

Metasploitable: Gaining Root on a Vulnerable Linux System

May 22, 2012 Added by: Dan Dieterle

Metasploitable is a great platform to practice and develop your penetration testing skills. In this tutorial, I will show you how to scan the system, find one of the vulnerable services, and then exploit the service to gain root access...

Practice Linux Penetration Testing Skills with Metasploitable

May 18, 2012 Added by: Dan Dieterle

Okay, you have been reading up on computer security, and even played around with Backtrack some. You have been gaining some penetration testing skills, but now you want to try them out. What do you do? There are several sites that exist that allow you to (legally) test your abilities...

Adobe Releases Critical Updates Reader and Acrobat

April 12, 2012 Added by: Headlines

Adobe has released critical updates to address multiple vulnerabilities in Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier versions for Linux, and Adobe Acrobat X (10.1.2) and earlier versions for Windows and Macintosh...

ICS-CERT: Wago IPC Multiple Vulnerabilities

April 09, 2012 Added by: Infosec Island Admin

Multiple vulnerabilities affecting the WAGO IPC 758-870, which is an embedded Linux programmable logic controller (PLC), could allow an attacker to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code...

Researchers Successfully Hacked Online Voting System

March 07, 2012 Added by: Headlines

"Within 48 hours of the system going live, we had gained near-complete control of the election server. We successfully changed every vote and revealed almost every secret ballot. Election officials did not detect our intrusion for nearly two business days..."

Adobe Releases Critical Updates for Flash Player Vulnerability

March 06, 2012 Added by: Infosec Island Admin

Adobe has released critical updates for Android, Windows, Linux and Solaris operating systems to mitigate vulnerabilities in the company's Flash Player software that may have allowed attackers to inflict a denial of service or take control of a targeted system...
