Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
Dark Reading

After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud ...

Kaspersky warns that passwords hashed with MD5 algorithm can be cracked in minutes using a GPU

Just in time for World Password Day, Kaspersky is reminding everyone that outdated hashing algorithms such as MD5 remain among the worst choices for storing passwords.

My Password Has Been Stolen—What Happens Next?

Ever wondered what happens when your password is compromised? Here’s exactly how they are accessed, traded and weaponized.
SecurityWeek

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

The PCPJack worm targets cloud environments and vulnerable web applications to remove TeamPCP infections and steal ...
The Hacker News

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks ...

New PCPJack worm steals credentials, cleans TeamPCP infections

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing ...

Critical New Linux Zero-Day Confirmed—Hackers Get Root, No Patch Yet

Hot on the heels of Copy Fail comes Dirty Frag. A Linux kernel zero-day vulnerability with no patch, giving hackers root.
Bleeping Computer

Trellix source code breach claimed by RansomHouse hackers

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. Yesterday, the ...