Sneaky Orbit Malware Backdoors Linux Devices
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
Linux is an open-source operating system used across servers and devices, so kernel, distribution, and software vulnerabilities can affect deployed systems.
Search across headline titles and summaries.
Background for this topic.
Linux is an open-source operating-system kernel: privileged software that manages hardware, memory, processes, filesystems, and networking. Most deployments use it through a distribution that adds user-space tools, package managers, libraries, and an update policy. This distinction matters in security reporting: a kernel flaw, a distribution-package flaw, and a flaw in an application running on Linux may have different affected versions and fixes.
Material attack surfaces include kernel code, loadable modules and device drivers, network services, local privilege boundaries, and third-party packages. Vulnerabilities can enable denial of service, information disclosure, or escalation from an unprivileged account to root, depending on configuration and exploitability. Administrators should track upstream and distribution advisories, apply security updates, and reboot when a running kernel remains vulnerable. Mandatory access-control systems such as SELinux or AppArmor can restrict compromised processes; signed repositories, audit logs, and tested configuration baselines support package integrity and investigation. Open source does not itself guarantee security: exposure depends on code, configuration, maintenance, and the surrounding software stack.
Weekly headline count for the current query.
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access.
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.
The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage (NAS) appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP […]
A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel.
The issue in the file-sharing and interop platform also affects Red Hat, SUSE Linux and Ubuntu packages.
LOLBins help attackers become invisible to security platforms. Uptycs provides a rundown of the most commonly abused native utilities for Windows, Linux and macOS – and advice for protection.