A new threat has been found by Kasperky Labs
The Linux Turla is a new piece of malware designed to infect only Linux computers, which has managed to remain relatively hidden until now and has the potential of doing a lot of harm. Unfortunately, very little is known about it or how to fix it.
It doesn’t need root
One of the most interesting aspects of this Turla cd00r-based malware is that is doesn’t require elevated privileges, which is probably one of the reasons it’s so dangerous. It needs to be activated remotely with a „magic packet“ (similar to port knocking) and it needs existing network interface name. The end result is that it provides a backdoor to the user’s computer, and that the attacker can send commands with „/bin/sh -c “ script.“. It’s a little bit more complicated than this, but that is just the summary of it.
The open-source Wget application which is most widely used on Linux and Unix systems for retrieving files from the web has found vulnerable to a critical flaw.
GNU Wget is a command-line utility designed to retrieve files from the Web using HTTP, HTTPS, and FTP, the most widely used Internet protocols. Wget can be easily installed on any Unix-like system and has been ported to many environments, including Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS.
When a recursive directory fetch over FTP server as the target, it would let an attacker „create arbitrary files, directories or symbolic links“ due to a symlink flaw.
Researchers at BlueBox security, who identified the vulnerability, dubbed the flaw as Fake ID, which affects all versions of Android operating system from 2.1 (released in 2010) up to Android 4.4, also known as KitKat.
ALL VERSIONS ARE VULNERABLE UPTO KITKAT