The Kinsing malware operator is exploiting a critical vulnerability in the Apache ActiveMQ message broker to compromise Linux systems. This flaw, allowing remote code execution, was previously targeted by ransomware gangs such as HelloKitty and TellYouThePass. The malware targets competing Monero miners, evades detection, and adds rootkits into the Linux system configuration files to execute with every system process. System administrators are urged to upgrade Apache Active MQ to patched versions to mitigate the threat.
Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
Researchers found a new malware campaign that uses a Bring Your Own Vulnerable Driver (BYOVD) technique. This malware drops a legitimate Avast Anti-Rootkit driver and
