Learn how you can protect your systems against the XZ Utils backdoor (CVE-2024-3094) with Vali Cyber’s ZeroLock. This significant supply chain attack is targeting Linux and Unix-like systems, specifically Debian and Red Hat distributions, posing a severe security...
“Leaky Vessels” (CVE-2024-21626) is targeting containerized environments and enabling attackers to escape containers and compromise host systems, presenting a critical risk to cloud-native applications. Watch as our Threat Intel Lead, Nathan Montierth,...
The recently discovered BiBi-Linux Wiperware overwrites files, renames them with a random string containing “BiBi,” and excludes specific file types from corruption. This x64 ELF executable, devoid of obfuscation, poses a significant threat as it can...
The Looney Tunables (CVE-2023-4911) vulnerability has been discovered in GNU C Library’s dynamic loader, allowing attackers to act with root privileges on any Linux distribution running glibc. Join our Threat Intel lead, Nathan Montierth, as he demonstrates how...
SprySOCKS malware is a new Linux-targeted backdoor that has combines elements from Trochilus (a Windows backdoor) and the Socket Secure (SOCKS). This threat is orchestrated by the China-linked Earth Lusca group, which has relentlessly targeted government entities...
VMware Aria Operations for Networks (formerly vRealize Network Insight) is vulnerable to a critical severity authentication bypass flaw that could allow remote attackers to bypass SSH authentication and access private endpoints. Join Nathan Montierth, Vali...
