CVE-2024-37085, or ‘ESX Admins’, is an authentication bypass vulnerability that allows attackers to gain unauthorized access to ESXi hosts, potentially leading to encryption of the file system and disruption of critical virtual machines. Join Nathan...
Learn how you can protect your systems against the XZ Utils backdoor (CVE-2024-3094) with Vali Cyber’s ZeroLock. This significant supply chain attack is targeting Linux and Unix-like systems, specifically Debian and Red Hat distributions, posing a severe security...
“Leaky Vessels” (CVE-2024-21626) is targeting containerized environments and enabling attackers to escape containers and compromise host systems, presenting a critical risk to cloud-native applications. Watch as our Threat Intel Lead, Nathan Montierth,...
The recently discovered BiBi-Linux Wiperware overwrites files, renames them with a random string containing “BiBi,” and excludes specific file types from corruption. This x64 ELF executable, devoid of obfuscation, poses a significant threat as it can...
The Looney Tunables (CVE-2023-4911) vulnerability has been discovered in the GNU C Library’s dynamic loader, allowing attackers to act with root privileges on any Linux distribution running glibc. Join our Threat Intel lead, Nathan Montierth, as he demonstrates how...
SprySOCKS malware is a new Linux-targeted backdoor that combines elements from Trochilus (a Windows backdoor) and Socket Secure (SOCKS). This threat is orchestrated by the China-linked Earth Lusca group, which has relentlessly targeted government entities...