Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Extending Red Hat Unified Kernel Images More Securely By Using Addons

With the advent of Confidential Virtual Machines (CVMs) in RHEL, a new challenge has emerged: Extending the Red Hat UKI (Unified Kernel Image) more safely and without compromising its security footprint. Starting with Red Hat 9.4, the systemd package (252-31 and onwards) supports UKI addons, which aim to solve this issue.In this blog, I explore the addons that enable safer extension of the UKI kernel command line.What is the Unified Kernel Image (UKI)?The linux kernel is the core of any Linux operating system. It's the interface between the hardware and the processes running on it, providing m

Red Hat Blog
Open in Source
#ios#mac#linux#red_hat#git#backdoor#samba#bios#auth
Attacks on Bytecode Interpreters Conceal Malicious Injection Activity

By injecting malicious bytecode into interpreters for VBScript, Python, and Lua, researchers found they can circumvent malicious code detection.

Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor

A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer.

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform

In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets. "Upon installation, this code would execute automatically,

APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike

ShadowPad, widely considered the successor of PlugX, is a modular remote access trojan (RAT) only seen sold to Chinese hacking groups.

Obfuscation: There Are Two Sides To Everything

How to detect and prevent attackers from using these various techniques Obfuscation is an important technique for protecting software that also carries risks, especially when used by malware authors. In this article, we examine obfuscation, its effects, and responses to it. What Is Obfuscation? Obfuscation is the technique of intentionally making information difficult to read, especially in

A $500 Open-Source Tool Lets Anyone Hack Computer Chips With Lasers

The RayV Lite will make it hundreds of times cheaper for anyone to carry out physics-bending feats of hardware hacking.

Detecting evolving threats: NetSupport RAT campaign

In this first Deep Dive with NTDR, we explore how defenders can leverage Snort for the detection of evasive malware threats.

Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware

Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. "On Windows, Chrome uses the Data Protection API (DPAPI) which protects the data at rest from other users on the system or cold boot attacks," Will Harris from the Chrome security team

North Koreans Target Devs Worldwide With Spyware, Job Offers

DEV#POPPER is back, looking to deliver a comprehensive, updated infostealer to coding job seekers by way of a savvy social engineering gambit.