The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
SecurityWeek

New ‘SSHStalker’ Linux Botnet Uses Old Techniques

The SSHStalker Linux botnet has ensnared 7,000 systems, deploying various scanners and malware, an IRC bot, and multiple kernel exploits.
Network World

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, ...
Linux Journal

Linux Kernel Runtime Guard Reaches 1.0: A Major Milestone for Runtime Kernel Security

LKRG is a loadable kernel module designed to protect the Linux kernel at runtime. Instead of relying solely on compile-time ...
Linux Journal

Inside the Linux Kernel Runtime Guard (LKRG): A New Layer of Kernel Integrity Protection

LKRG (short for Linux Kernel Runtime Guard) is a loadable kernel module that continuously monitors the health and integrity of the Linux kernel while it’s running. Unlike many security features that ...
Hackaday

A Potential Exploit With The Ext Filesystem

The extended filesystem, otherwise known as ext, has been a fundamental part of Linux since before the 1.0 release in 1994. Currently the filesystem is on its fourth major revision, in use since its ...
CSO Online

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.

The latest Linux kernel release closes out the 6.x era - and it's a gift to cloud admins

The latest Linux kernel release closes out the 6.x era - and it's a gift to cloud admins ...