New “B1txor20” Linux Botnet uses DNS Tunnel and exploits Log4J flaw.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 16 March 2022, 2036 UTC.

Content provided by email subscription to “The Hacker News Daily Updates.”

Source:

https://mail.google.com/mail/u/0/#inbox/FMfcgzGmvTvDPpkxXlwznJJBFPscVPlV

Please click link or scroll down to read your selections.

The Hacker News Daily Updates

Industrial Cybersecurity – Free Sample Chapters

Your one-step guide to understanding industrial cyber security, its control systems, and its operations.

Download Now Sponsored
LATEST NEWS Mar 16, 2022

New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw

A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360’s Netlab security team called it B1txor20 “based on its propagation using the file name …

Read More

New Infinite Loop Bug in OpenSSL Could Let Attackers Crash Remote Servers

The maintainers of OpenSSL have shipped patches to resolve a high-severity security flaw in its software library that could lead to a denial-of-service (DoS) condition when parsing certificates. Tracked as CVE-2022-0778 (CVSS score: 7.5), the issue stems from parsing a malformed certificate with …

Read More

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws. “As early as May …

Read More

Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters

Researchers have disclosed an unpatched security vulnerability in “dompdf,” a PHP-based HTML to PDF converter, that, if successfully exploited, could lead to remote code execution in certain configurations. “By injecting CSS into the data processed by dompdf, it can be tricked into storing a …

Read More

German Government Warns Against Using Russia’s Kaspersky Antivirus Software

Russian cybersecurity firm Kaspersky on Tuesday responded to an advisory released by Germany’s Federal Office of Information Security (BSI) against using the company’s security solutions in the country over “doubts about the reliability of the manufacturer.” Calling that the decision was made on …

Read More
 

Industrial Cybersecurity – Free Sample Chapters

Your one-step guide to understanding industrial cyber security, its control systems, and its operations.

Download Now Sponsored

For the latest cybersecurity-cybercrime news and information, please check the blog sidebar, links, and twitter posts.  Thanks for joining us today.

Russ Roberts

https://cyber-security-intelligence.org

https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, information security)