Security Leftovers
-
Several Linux Kernel Azure Vulnerabilities Fixed in Ubuntu
Recently, Canonical released security updates to address several vulnerabilities in the Linux kernel for Microsoft Azure Cloud systems in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. An attacker could possibly use these issues to cause a denial of service, expose sensitive information, or execute arbitrary code.
-
Cyber Security News ☛ 10 Best Linux Firewalls In 2024
At present, many computers are connected via numerous networks. Monitoring all traffic and having something to filter out good and harmful traffic is critical, and we achieve this with an application or service known as a firewall.
Early firewalls were essential software that filtered data traffic based on the sender’s IP address, port number, domain name, etc. However, newer firewalls can now read the data supplied and filter it accordingly.
-
Trend Micro ☛ Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma
Our Threat Hunting team uncovered a Linux variant of the Play ransomware that only encrypts files when running in a VMware ESXi environment. First detected in June 2022, the Play ransomware group became notable for its double-extortion tactic, evasion techniques, custom-built tools, and substantial impact on various organizations in Latin America.
This is the first time that we’ve observed Play ransomware targeting ESXi environments. This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations.
VMware ESXi environments are commonly used by businesses to run multiple virtual machines (VMs). They often host critical applications and data, and normally include integrated backup solutions. Compromising them can significantly disrupt business operations and even encrypt backups, which further reduces the victim’s capability to recover data.