Linux - Cybersec Sentinel

Linux

A collection of 5 posts

PUMAKIT Rootkit Threatens Linux Systems Worldwide

PUMAKIT Rootkit Threatens Linux Systems Worldwide

Threat Group: Unknown Threat Type: Rootkit Exploited Vulnerabilities: Targets Linux kernels prior to version 5.7 Malware Used: PUMAKIT Threat Score: High (8.0/10) – Due to its advanced stealth capabilities and potential impact on critical infrastructure. Last Threat Observation: December 13, 2024, by Elastic Security Labs Overview PUMAKIT is

Linux UEFI at Risk with Bootkitty Malware Emergence

Linux UEFI at Risk with Bootkitty Malware Emergence

Threat Group: Unknown Threat Type: UEFI Bootkit Exploited Vulnerabilities: Linux UEFI Firmware (Kernel Signature Verification Bypass) Malware Used: Bootkitty Threat Score: High (8.0/10) — Due to its advanced attack vector targeting the boot process and its implications for Linux system security. Last Threat Observation: November 27, 2024, Overview In

Gelsemium APT Shifts Focus to Linux with WolfsBane Backdoor

Gelsemium APT Shifts Focus to Linux with WolfsBane Backdoor

Threat Group: Gelsemium APT Threat Type: Advanced Persistent Threat (APT) Exploited Vulnerabilities: Linux systems, specifically Apache Tomcat servers Malware Used: WolfsBane (Linux backdoor), FireWood (Linux backdoor) Threat Score: High (8.5/10) — Focus on critical infrastructure, advanced obfuscation, and cross-platform targeting. Last Threat Observation: November 22, 2024. Overview The WolfsBane

GNU Wget Exposed by Malicious URI Handling in CVE-2024-38428

GNU Wget Exposed by Malicious URI Handling in CVE-2024-38428

Threat Group: N/A Threat Type: Software Vulnerability Exploited Vulnerabilities: CVE-2024-38428 Malware Used: N/A Threat Score: High (9.1/10) — Critical vulnerability due to potential for sensitive data exposure, phishing, and man-in-the-middle (MiTM) attacks. Last Threat Observation: June 2, 2024, fix commit pushed; vulnerability classified in August 2024. Overview

Intel and AMD Face Renewed Threat From Spectre Exploits

Vulnerabilities

Intel and AMD Face Renewed Threat From Spectre Exploits

Threat Group: N/A (Multiple Research Teams) Threat Type: Speculative Execution Vulnerability Bypass Exploited Vulnerabilities: CVE-2023-38575 (Intel), CVE-2022-23824 (AMD) Malware Used: N/A (Exploit technique) Threat Score: High (8.5/10) — Due to its ability to bypass significant speculative execution mitigations in widely used CPUs. Last Threat Observation: October 18,