Online discussions have highlighted a new malware called Perfctl, which, after exploiting server vulnerabilities or misconfigurations, downloads a payload that moves to the /tmp directory under a different name imitating a known Linux process. It then establishes a local command-and-control process and attempts to gain root system rights. The malware has advanced evasion techniques, suspends activity when detecting a new user, and terminates competing malware. Researchers estimate thousands of machines are infected, while vulnerable machines are in the millions. The malware also installs software for proxy-jacking.
Google Issues Urgent Update for Recent Chrome Zero-Day Vulnerability
Hey, my Bay Area cybersecurity and healthcare buddies! We’ve got a bit of a heads-up for you regarding our ever-reliable buddy, Google Chrome. Now, we