Two Year Old Linux Backdoor Found, Microsoft Finds IoT Vulnerabilities - ThreatWire

Microsoft finds a bunch of IoT vulnerabilities, a Linux backdoor existed for over two years undetected, and Emotet email addresses are now in have I been pwned! All that coming up now on ThreatWire. 

 #threatwire #hak5

Links:

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins and users.

Watch this on youtube: https://youtu.be/6d7EN1tbxQY

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Links:

BadAlloc:

https://msrc-blog.microsoft.com/2021/04/29/badalloc-memory-allocation-vulnerabilities-could-affect-wide-range-of-iot-and-ot-devices-in-industrial-medical-and-enterprise-networks/

https://threatpost.com/microsoft-warns-25-critical-iot-industrial-devices/165752/

https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04

https://www.bleepingcomputer.com/news/security/microsoft-finds-critical-code-execution-bugs-in-iot-ot-devices/

Linux Vulnerabilities:

https://www.zdnet.com/article/linux-kernel-vulnerability-exposes-stack-memory/

https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html

https://threatpost.com/linux-kernel-bug-wider-cyberattacks/165640/

RotaJakiro:

https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/

https://www.zdnet.com/article/rotajakiro-a-linux-backdoor-that-has-flown-under-the-radar-for-years/

https://www.bleepingcomputer.com/news/security/new-stealthy-linux-malware-used-to-backdoor-systems-for-years/

Emotet:

https://www.zdnet.com/article/emotet-botnet-harvested-4-3-million-email-addresses-now-the-fbi-is-using-have-i-been-pwned-to-alert-the-victims/

https://www.bleepingcomputer.com/news/security/emotet-malware-nukes-itself-today-from-all-infected-computers-worldwide/

https://www.troyhunt.com/data-from-the-emotet-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-nhtcu/

https://www.bleepingcomputer.com/news/security/fbi-shares-4-million-email-addresses-used-by-emotet-with-have-i-been-pwned/

Photo credit:

https://cdn.pixabay.com/photo/2017/05/17/19/30/linux-2321631_1280.jpg 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

Threat Wire RSS → https://shannonmorse.podbean.com/feed/

Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs

Host: Darren Kitchen → https://www.twitter.com/hak5darren

Host: Mubix → http://www.twitter.com/mubix

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆